Develop logic of a new index for the fim module (#6227)

* Create index pattern to be used in file integrity monitoring module and create checks on the health-check of the index pattern

* adjustments to the health check for the fim index pattern

* tab dashboard name change

* merge with master

* delete console.log

* update changelog

* correction of unit test of fim

* correction of unit test of fim

* correction of unit test of fim

* correction of unit test of fim

CHANGELOG.md

@@ -9,6 +9,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Support for Wazuh 4.9.0
 - Added AngularJS dependencies [#6145](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6145)
 - Remove embedded discover [#6120](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6120)
+- Develop logic of a new index for the fim module [#6227](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6227)
 
 ## Wazuh v4.8.1 - OpenSearch Dashboards 2.10.0 - Revision 00
 

plugins/main/common/config-equivalences.js

@@ -98,6 +98,8 @@ export const nameEquivalence = {
   'alerts.sample.prefix': 'Sample alerts prefix',
   'vulnerabilities.pattern': 'Index pattern',
   'checks.vulnerabilities.pattern': 'Vulnerabilities index pattern',
+  'fim.pattern': 'Index pattern',
+  'checks.fim.pattern': 'Fim index pattern',
 };
 
 const HEALTH_CHECK = 'Health Check';

plugins/main/common/constants.ts

@@ -51,6 +51,9 @@ export const WAZUH_STATISTICS_DEFAULT_CRON_FREQ = '0 */5 * * * *';
 // Wazuh vulnerabilities
 export const WAZUH_VULNERABILITIES_PATTERN = 'wazuh-states-vulnerabilities';
 
+// Wazuh fim
+export const WAZUH_FIM_PATTERN = 'wazuh-states-fim';
+
 // Job - Wazuh initialize
 export const WAZUH_PLUGIN_PLATFORM_TEMPLATE_NAME = 'wazuh-kibana';
 
@@ -861,6 +864,33 @@ export const PLUGIN_SETTINGS: { [key: string]: TPluginSetting } = {
       return schema.boolean();
     },
   },
+  'checks.fim.pattern': {
+    title: 'Fim index pattern',
+    description:
+      'Enable or disable the fim index pattern health check when opening the app.',
+    category: SettingCategory.HEALTH_CHECK,
+    type: EpluginSettingType.switch,
+    defaultValue: true,
+    isConfigurableFromFile: true,
+    isConfigurableFromUI: true,
+    options: {
+      switch: {
+        values: {
+          disabled: { label: 'false', value: false },
+          enabled: { label: 'true', value: true },
+        },
+      },
+    },
+    uiFormTransformChangedInputValue: function (
+      value: boolean | string,
+    ): boolean {
+      return Boolean(value);
+    },
+    validate: SettingsValidator.isBoolean,
+    validateBackend: function (schema) {
+      return schema.boolean();
+    },
+  },
   'cron.prefix': {
     title: 'Cron prefix',
     description: 'Define the index prefix of predefined jobs.',

plugins/main/public/components/common/modules/modules-defaults.js

@@ -11,18 +11,18 @@
  */
 import { Dashboard } from './dashboard';
 import { Events } from './events';
-import { MainFim } from '../../agents/fim';
 import { MainSca } from '../../agents/sca';
-import { MainVuls } from '../../agents/vuls';
 import { MainMitre } from './main-mitre';
 import { ModuleMitreAttackIntelligence } from '../../overview/mitre_attack_intelligence';
 import { ComplianceTable } from '../../overview/compliance-table';
 import ButtonModuleExploreAgent from '../../../controllers/overview/components/overview-actions/overview-actions';
 import { ButtonModuleGenerateReport } from '../modules/buttons';
 import { OfficePanel } from '../../overview/office-panel';
 import { GitHubPanel } from '../../overview/github-panel';
-import { DashboardVuls, InventoryVuls } from '../../overview/vulnerabilities'
-import { withModuleNotForAgent, withModuleTabLoader } from '../hocs';
+import { DashboardVuls, InventoryVuls } from '../../overview/vulnerabilities';
+import { withModuleNotForAgent } from '../hocs';
+import { DashboardFim } from '../../overview/fim/dashboard/dashboard';
+import { InventoryFim } from '../../overview/fim/inventory/inventory';
 
 const DashboardTab = {
   id: 'dashboard',
@@ -56,12 +56,17 @@ export const ModulesDefaults = {
   fim: {
     init: 'dashboard',
     tabs: [
-      DashboardTab,
+      {
+        id: 'dashboard',
+        name: 'Dashboard',
+        buttons: [ButtonModuleExploreAgent],
+        component: DashboardFim,
+      },
       {
         id: 'inventory',
         name: 'Inventory',
         buttons: [ButtonModuleExploreAgent],
-        component: MainFim,
+        component: InventoryFim,
       },
       EventsTab,
     ],

plugins/main/public/components/health-check/container/__snapshots__/health-check.container.test.tsx.snap

@@ -122,6 +122,23 @@ exports[`Health Check container should render a Health check screen 1`] = `
         title="Check vulnerabilities index pattern"
         validationService={[Function]}
       />
+      <CheckResult
+        awaitFor={Array []}
+        canRetry={true}
+        checksReady={Object {}}
+        cleanErrors={[Function]}
+        cleanWarnings={[Function]}
+        handleCheckReady={[Function]}
+        handleErrors={[Function]}
+        handleWarnings={[Function]}
+        isLoading={false}
+        key="health_check_check_fim.pattern"
+        name="fim.pattern"
+        shouldCheck={true}
+        showLogButton={false}
+        title="Check fim index pattern"
+        validationService={[Function]}
+      />
     </EuiDescriptionList>
   </div>
   <EuiSpacer

plugins/main/public/components/health-check/container/health-check.container.test.tsx

@@ -31,6 +31,7 @@ jest.mock('../../../components/common/hooks', () => ({
       'checks.template': true,
       'checks.fields': true,
       'checks.vulnerabilities.pattern': true,
+      'checks.fim.pattern': true,
     },
   }),
   useRootScope: () => ({}),

plugins/main/public/components/health-check/container/health-check.container.tsx

@@ -37,6 +37,7 @@ import {
   WAZUH_INDEX_TYPE_MONITORING,
   WAZUH_INDEX_TYPE_STATISTICS,
   WAZUH_INDEX_TYPE_VULNERABILITIES,
+  WAZUH_INDEX_TYPE_FIM,
 } from '../../../../common/constants';
 
 import { compose } from 'redux';
@@ -103,6 +104,19 @@ const checks = {
     shouldCheck: false,
     canRetry: true,
   },
+  'fim.pattern': {
+    title: 'Check fim index pattern',
+    label: 'Fim index pattern',
+    validator: appConfig =>
+      checkPatternSupportService(
+        appConfig.data['fim.pattern'],
+        WAZUH_INDEX_TYPE_FIM,
+        NOT_TIME_FIELD_NAME_INDEX_PATTERN,
+      ),
+    awaitFor: [],
+    shouldCheck: false,
+    canRetry: true,
+  },
 };
 
 function HealthCheckComponent() {

plugins/main/public/components/overview/fim/dashboard/dashboard.tsx

@@ -0,0 +1,108 @@
+import React from 'react';
+import { getPlugins } from '../../../../kibana-services';
+import { ViewMode } from '../../../../../../../src/plugins/embeddable/public';
+import { getDashboardPanels } from './dashboard_panels';
+import { I18nProvider } from '@osd/i18n/react';
+import useSearchBar from '../../../common/search-bar/use-search-bar';
+import { getDashboardFilters } from './dashboard_panels_filters';
+import './fim_filters.scss';
+import { getKPIsPanel } from './dashboard_panels_kpis';
+import { useAppConfig } from '../../../common/hooks';
+
+const plugins = getPlugins();
+
+const SearchBar = getPlugins().data.ui.SearchBar;
+
+const DashboardByRenderer = plugins.dashboard.DashboardContainerByValueRenderer;
+
+export const DashboardFim: React.FC = () => {
+  const appConfig = useAppConfig();
+  const FIM_INDEX_PATTERN_ID = appConfig.data['fim.pattern'];
+
+  const { searchBarProps } = useSearchBar({
+    defaultIndexPatternID: FIM_INDEX_PATTERN_ID,
+    filters: [],
+  });
+
+  return (
+    <>
+      <I18nProvider>
+        <SearchBar
+          appName='fim-searchbar'
+          {...searchBarProps}
+          showDatePicker={false}
+          showQueryInput={true}
+          showQueryBar={true}
+        />
+      </I18nProvider>
+      <div className='fim-dashboard-filters-wrapper'>
+        <DashboardByRenderer
+          input={{
+            viewMode: ViewMode.VIEW,
+            panels: getDashboardFilters(FIM_INDEX_PATTERN_ID),
+            isFullScreenMode: false,
+            filters: searchBarProps.filters ?? [],
+            useMargins: false,
+            id: 'fim-dashboard-tab-filters',
+            timeRange: {
+              from: searchBarProps.dateRangeFrom,
+              to: searchBarProps.dateRangeTo,
+            },
+            title: 'Fim dashboard filters',
+            description: 'Dashboard of the Fim filters',
+            query: searchBarProps.query,
+            refreshConfig: {
+              pause: false,
+              value: 15,
+            },
+            hidePanelTitles: true,
+          }}
+        />
+      </div>
+      <DashboardByRenderer
+        input={{
+          viewMode: ViewMode.VIEW,
+          panels: getKPIsPanel(FIM_INDEX_PATTERN_ID),
+          isFullScreenMode: false,
+          filters: searchBarProps.filters ?? [],
+          useMargins: true,
+          id: 'kpis-fim-dashboard-tab',
+          timeRange: {
+            from: searchBarProps.dateRangeFrom,
+            to: searchBarProps.dateRangeTo,
+          },
+          title: 'KPIs Fim dashboard',
+          description: 'KPIs Dashboard of the Fim',
+          query: searchBarProps.query,
+          refreshConfig: {
+            pause: false,
+            value: 15,
+          },
+          hidePanelTitles: true,
+        }}
+      />
+      <DashboardByRenderer
+        input={{
+          viewMode: ViewMode.VIEW,
+          panels: getDashboardPanels(FIM_INDEX_PATTERN_ID),
+          isFullScreenMode: false,
+          filters: searchBarProps.filters ?? [],
+          useMargins: true,
+          id: 'fim-dashboard-tab',
+          timeRange: {
+            from: searchBarProps.dateRangeFrom,
+            to: searchBarProps.dateRangeTo,
+          },
+          title: 'Fim dashboard',
+          description: 'Dashboard of the Fim',
+          query: searchBarProps.query,
+          refreshConfig: {
+            pause: false,
+            value: 15,
+          },
+          hidePanelTitles: false,
+        }}
+      />
+    </>
+  );
+};