diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0564187b23..e840ade452 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,7 @@
All notable changes to the Wazuh app project will be documented in this file.
-## Wazuh v4.8.0 - OpenSearch Dashboards 2.9.0 - Revision 00
+## Wazuh v4.8.0 - OpenSearch Dashboards 2.10.0 - Revision 00
### Added
diff --git a/plugins/main/common/api-info/endpoints.json b/plugins/main/common/api-info/endpoints.json
index 9deb839de4..b36353c39f 100644
--- a/plugins/main/common/api-info/endpoints.json
+++ b/plugins/main/common/api-info/endpoints.json
@@ -4,7 +4,7 @@
"endpoints": [
{
"name": "/",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_default_controller_default_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.default_controller.default_info",
"description": "Return basic information about the API",
"summary": "Get API info",
"tags": [
@@ -23,7 +23,7 @@
},
{
"name": "/agents",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agents",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agents",
"description": "Return information about all available agents or a list of them",
"summary": "List agents",
"tags": [
@@ -43,6 +43,14 @@
}
}
},
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "group",
"description": "Filter by group of agents",
@@ -235,7 +243,7 @@
},
{
"name": "/agents/:agent_id/config/:component/:configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agent_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agent_config",
"description": "Return the active configuration the agent is currently using. This can be different from the configuration present in the configuration file, if it has been modified and the agent has not been restarted yet",
"summary": "Get active configuration",
"tags": [
@@ -335,7 +343,7 @@
},
{
"name": "/agents/:agent_id/daemons/stats",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_daemon_stats",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_daemon_stats",
"description": "Return Wazuh statistical information from specified daemons in a specified agent",
"summary": "Get Wazuh daemon stats from an agent",
"tags": [
@@ -389,7 +397,7 @@
},
{
"name": "/agents/:agent_id/group/is_sync",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_sync_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_sync_agent",
"description": "Return whether the agent configuration has been synchronized with the agent or not. This can be useful to check after updating a group configuration",
"summary": "Get configuration sync status",
"tags": [
@@ -429,7 +437,7 @@
},
{
"name": "/agents/:agent_id/key",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agent_key",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agent_key",
"description": "Return the key of an agent",
"summary": "Get key",
"tags": [
@@ -469,7 +477,7 @@
},
{
"name": "/agents/:agent_id/stats/:component",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_component_stats",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_component_stats",
"description": "Return Wazuh's {component} statistical information from agent {agent_id}",
"summary": "Get agent's component stats",
"tags": [
@@ -521,7 +529,7 @@
},
{
"name": "/agents/no_group",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agent_no_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agent_no_group",
"description": "Return a list with all the available agents without an assigned group",
"summary": "List agents without group",
"tags": [
@@ -603,7 +611,7 @@
},
{
"name": "/agents/outdated",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agent_outdated",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agent_outdated",
"description": "Return the list of outdated agents",
"summary": "List outdated agents",
"tags": [
@@ -674,7 +682,7 @@
},
{
"name": "/agents/stats/distinct",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agent_fields",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agent_fields",
"description": "Return all the different combinations that agents have for the selected fields. It also indicates the total number of agents that have each combination",
"summary": "List agents distinct",
"tags": [
@@ -756,7 +764,7 @@
},
{
"name": "/agents/summary/os",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agent_summary_os",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agent_summary_os",
"description": "Return a summary of the OS of available agents",
"summary": "Summarize agents OS",
"tags": [
@@ -783,7 +791,7 @@
},
{
"name": "/agents/summary/status",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agent_summary_status",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agent_summary_status",
"description": "Return a summary of the connection and groups configuration synchronization statuses of available agents",
"summary": "Summarize agents status",
"tags": [
@@ -810,7 +818,7 @@
},
{
"name": "/agents/upgrade_result",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agent_upgrade",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agent_upgrade",
"description": "Return the agents upgrade results",
"summary": "Get upgrade results",
"tags": [
@@ -938,7 +946,7 @@
},
{
"name": "/ciscat/:agent_id/results",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_ciscat_controller_get_agents_ciscat_results",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.ciscat_controller.get_agents_ciscat_results",
"description": "Return the agent's ciscat results info",
"summary": "Get results",
"tags": [
@@ -1102,7 +1110,7 @@
},
{
"name": "/cluster/:node_id/configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_configuration_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_configuration_node",
"description": "Return wazuh configuration used in node {node_id}. The 'section' and 'field' parameters will be ignored if 'raw' parameter is provided.",
"summary": "Get node config",
"tags": [
@@ -1196,7 +1204,7 @@
},
{
"name": "/cluster/:node_id/configuration/:component/:configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_node_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_node_config",
"description": "Return the requested configuration in JSON format for the specified node",
"summary": "Get node active configuration",
"tags": [
@@ -1294,7 +1302,7 @@
},
{
"name": "/cluster/:node_id/daemons/stats",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_daemon_stats_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_daemon_stats_node",
"description": "Return Wazuh statistical information from specified daemons in a specified cluster node",
"summary": "Get Wazuh daemon stats from a cluster node",
"tags": [
@@ -1347,7 +1355,7 @@
},
{
"name": "/cluster/:node_id/info",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_info_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_info_node",
"description": "Return basic information about a specified node such as version, compilation date, installation path",
"summary": "Get node info",
"tags": [
@@ -1385,7 +1393,7 @@
},
{
"name": "/cluster/:node_id/logs",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_log_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_log_node",
"description": "Return the last 2000 wazuh log entries in the specified node",
"summary": "Get node logs",
"tags": [
@@ -1403,6 +1411,14 @@
}
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "level",
"description": "Filter by log level",
@@ -1462,6 +1478,17 @@
"format": "search"
}
},
+ {
+ "name": "select",
+ "description": "Select which fields to return (separated by comma). Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "format": "names"
+ }
+ }
+ },
{
"name": "sort",
"description": "Sort the collection by a field or fields (separated by comma). Use +/- at the beggining to list in ascending or descending order. Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
@@ -1490,7 +1517,7 @@
},
{
"name": "/cluster/:node_id/logs/summary",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_log_summary_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_log_summary_node",
"description": "Return a summary of the last 2000 wazuh log entries in the specified node",
"summary": "Get node logs summary",
"tags": [
@@ -1528,7 +1555,7 @@
},
{
"name": "/cluster/:node_id/stats",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_stats_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_stats_node",
"description": "Return Wazuh statistical information in node {node_id} for the current or specified date",
"summary": "Get node stats",
"tags": [
@@ -1574,7 +1601,7 @@
},
{
"name": "/cluster/:node_id/stats/analysisd",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_stats_analysisd_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_stats_analysisd_node",
"description": "Return Wazuh analysisd statistical information in node {node_id}",
"summary": "Get node stats analysisd",
"tags": [
@@ -1612,7 +1639,7 @@
},
{
"name": "/cluster/:node_id/stats/hourly",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_stats_hourly_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_stats_hourly_node",
"description": "Return Wazuh statistical information in node {node_id} per hour. Each number in the averages field represents the average of alerts per hour",
"summary": "Get node stats hour",
"tags": [
@@ -1650,7 +1677,7 @@
},
{
"name": "/cluster/:node_id/stats/remoted",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_stats_remoted_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_stats_remoted_node",
"description": "Return Wazuh remoted statistical information in node {node_id}",
"summary": "Get node stats remoted",
"tags": [
@@ -1688,7 +1715,7 @@
},
{
"name": "/cluster/:node_id/stats/weekly",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_stats_weekly_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_stats_weekly_node",
"description": "Return Wazuh statistical information in node {node_id} per week. Each number in the averages field represents the average of alerts per hour for that specific day",
"summary": "Get node stats week",
"tags": [
@@ -1726,7 +1753,7 @@
},
{
"name": "/cluster/:node_id/status",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_status_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_status_node",
"description": "Return the status of all Wazuh daemons in node node_id",
"summary": "Get node status",
"tags": [
@@ -1764,7 +1791,7 @@
},
{
"name": "/cluster/api/config",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_api_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_api_config",
"description": "Return the API configuration of all nodes (or a list of them) in JSON format",
"summary": "Get nodes API config",
"tags": [
@@ -1801,7 +1828,7 @@
},
{
"name": "/cluster/configuration/validation",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_conf_validation",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_conf_validation",
"description": "Return whether the Wazuh configuration is correct or not in all cluster nodes or a list of them",
"summary": "Check nodes config",
"tags": [
@@ -1838,7 +1865,7 @@
},
{
"name": "/cluster/healthcheck",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_healthcheck",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_healthcheck",
"description": "Return cluster healthcheck information for all nodes or a list of them. Such information includes last keep alive, last synchronization time and number of agents reporting on each node",
"summary": "Get nodes healthcheck",
"tags": [
@@ -1875,7 +1902,7 @@
},
{
"name": "/cluster/local/config",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_config",
"description": "Return the current node cluster configuration",
"summary": "Get local node config",
"tags": [
@@ -1902,7 +1929,7 @@
},
{
"name": "/cluster/local/info",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_cluster_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_cluster_node",
"description": "Return basic information about the cluster node receiving the request",
"summary": "Get local node info",
"tags": [
@@ -1929,13 +1956,21 @@
},
{
"name": "/cluster/nodes",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_cluster_nodes",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_cluster_nodes",
"description": "Get information about all nodes in the cluster or a list of them",
"summary": "Get nodes info",
"tags": [
"Cluster"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -2032,7 +2067,7 @@
},
{
"name": "/cluster/ruleset/synchronization",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_nodes_ruleset_sync_status",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_nodes_ruleset_sync_status",
"description": "Return ruleset synchronization status for all nodes or a list of them. This synchronization only covers the user custom ruleset",
"summary": "Get cluster nodes ruleset synchronization status",
"tags": [
@@ -2069,7 +2104,7 @@
},
{
"name": "/cluster/status",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_get_status",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.get_status",
"description": "Return information about the cluster status",
"summary": "Get cluster status",
"tags": [
@@ -2096,7 +2131,7 @@
},
{
"name": "/decoders",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_decoder_controller_get_decoders",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.decoder_controller.get_decoders",
"description": "Return information about all decoders included in ossec.conf. This information include decoder's route, decoder's name, decoder's file among others",
"summary": "List decoders",
"tags": [
@@ -2114,6 +2149,14 @@
}
}
},
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "filename",
"description": "Filter by filename",
@@ -2221,13 +2264,21 @@
},
{
"name": "/decoders/files",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_decoder_controller_get_decoders_files",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.decoder_controller.get_decoders_files",
"description": "Return information about all decoders files used in Wazuh. This information include decoder's file, decoder's route and decoder's status among others",
"summary": "Get files",
"tags": [
"Decoders"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "filename",
"description": "Filter by filename of one or more rule or decoder files.",
@@ -2268,6 +2319,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "relative_dirname",
"description": "Filter by relative directory name",
@@ -2284,6 +2342,17 @@
"format": "search"
}
},
+ {
+ "name": "select",
+ "description": "Select which fields to return (separated by comma). Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "format": "names"
+ }
+ }
+ },
{
"name": "sort",
"description": "Sort the collection by a field or fields (separated by comma). Use +/- at the beggining to list in ascending or descending order. Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
@@ -2317,7 +2386,7 @@
},
{
"name": "/decoders/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_decoder_controller_get_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.decoder_controller.get_file",
"description": "Get the content of a specified decoder file",
"summary": "Get decoders file content",
"tags": [
@@ -2351,6 +2420,14 @@
"type": "boolean"
}
},
+ {
+ "name": "relative_dirname",
+ "description": "Filter by relative directory name",
+ "schema": {
+ "type": "string",
+ "format": "get_dirnames_path"
+ }
+ },
{
"name": "wait_for_complete",
"description": "Disable timeout response",
@@ -2363,7 +2440,7 @@
},
{
"name": "/decoders/parents",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_decoder_controller_get_decoders_parents",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.decoder_controller.get_decoders_parents",
"description": "Return information about all parent decoders. A parent decoder is a decoder used as base of other decoders",
"summary": "Get parent decoders",
"tags": [
@@ -2438,7 +2515,7 @@
},
{
"name": "/experimental/ciscat/results",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_cis_cat_results",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_cis_cat_results",
"description": "Return CIS-CAT results for all agents or a list of them",
"summary": "Get agents CIS-CAT results",
"tags": [
@@ -2595,7 +2672,7 @@
},
{
"name": "/experimental/syscollector/hardware",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_hardware_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_hardware_info",
"description": "Return all agents (or a list of them) hardware info. This information include cpu, ram, scan info among others of all agents",
"summary": "Get agents hardware",
"tags": [
@@ -2734,7 +2811,7 @@
},
{
"name": "/experimental/syscollector/hotfixes",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_hotfixes_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_hotfixes_info",
"description": "Return all agents (or a list of them) hotfixes info",
"summary": "Get agents hotfixes",
"tags": [
@@ -2829,7 +2906,7 @@
},
{
"name": "/experimental/syscollector/netaddr",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_network_address_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_network_address_info",
"description": "Return all agents (or a list of them) IPv4 and IPv6 addresses associated to their network interfaces. This information include used IP protocol, interface, and IP address among others",
"summary": "Get agents netaddr",
"tags": [
@@ -2949,7 +3026,7 @@
},
{
"name": "/experimental/syscollector/netiface",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_network_interface_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_network_interface_info",
"description": "Return all agents (or a list of them) network interfaces. This information includes rx, scan, tx info and some network information among other",
"summary": "Get agents netiface",
"tags": [
@@ -3150,7 +3227,7 @@
},
{
"name": "/experimental/syscollector/netproto",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_network_protocol_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_network_protocol_info",
"description": "Return all agents (or a list of them) routing configuration for each network interface. This information includes interface, type protocol information among other",
"summary": "Get agents netproto",
"tags": [
@@ -3276,7 +3353,7 @@
},
{
"name": "/experimental/syscollector/os",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_os_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_os_info",
"description": "Return all agents (or a list of them) OS info. This information includes os information, architecture information among other",
"summary": "Get agents OS",
"tags": [
@@ -3404,7 +3481,7 @@
},
{
"name": "/experimental/syscollector/packages",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_packages_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_packages_info",
"description": "Return all agents (or a list of them) packages info. This information includes name, section, size, and priority information of all packages among other",
"summary": "Get agents packages",
"tags": [
@@ -3530,7 +3607,7 @@
},
{
"name": "/experimental/syscollector/ports",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_ports_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_ports_info",
"description": "Return all agents (or a list of them) ports info. This information includes local IP, Remote IP, protocol information among other",
"summary": "Get agents ports",
"tags": [
@@ -3682,7 +3759,7 @@
},
{
"name": "/experimental/syscollector/processes",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_get_processes_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.get_processes_info",
"description": "Return all agents (or a list of them) processes info",
"summary": "Get agents processes",
"tags": [
@@ -3882,13 +3959,21 @@
},
{
"name": "/groups",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_list_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_list_group",
"description": "Get information about all groups or a list of them. Returns a list containing basic information about each group such as number of agents belonging to the group and the checksums of the configuration and shared files",
"summary": "Get groups",
"tags": [
"Groups"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "groups_list",
"description": "List of group IDs (separated by comma), all groups selected by default if not specified",
@@ -3951,6 +4036,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "search",
"description": "Look for elements containing the specified string. To obtain a complementary search, use '-' at the beginning",
@@ -3959,6 +4051,17 @@
"format": "search"
}
},
+ {
+ "name": "select",
+ "description": "Select which fields to return (separated by comma). Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "format": "names"
+ }
+ }
+ },
{
"name": "sort",
"description": "Sort the collection by a field or fields (separated by comma). Use +/- at the beggining to list in ascending or descending order. Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
@@ -3979,7 +4082,7 @@
},
{
"name": "/groups/:group_id/agents",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_agents_in_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_agents_in_group",
"description": "Return the list of agents that belong to the specified group",
"summary": "Get agents in a group",
"tags": [
@@ -3998,6 +4101,14 @@
}
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -4090,7 +4201,7 @@
},
{
"name": "/groups/:group_id/configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_group_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_group_config",
"description": "Return the group configuration defined in the `agent.conf` file",
"summary": "Get group configuration",
"tags": [
@@ -4150,7 +4261,7 @@
},
{
"name": "/groups/:group_id/files",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_group_files",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_group_files",
"description": "Return the files placed under the group directory",
"summary": "Get group files",
"tags": [
@@ -4169,6 +4280,14 @@
}
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "hash",
"description": "Select algorithm to generate the returned checksums",
@@ -4219,6 +4338,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "search",
"description": "Look for elements containing the specified string. To obtain a complementary search, use '-' at the beginning",
@@ -4227,6 +4353,17 @@
"format": "search"
}
},
+ {
+ "name": "select",
+ "description": "Select which fields to return (separated by comma). Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "format": "names"
+ }
+ }
+ },
{
"name": "sort",
"description": "Sort the collection by a field or fields (separated by comma). Use +/- at the beggining to list in ascending or descending order. Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
@@ -4247,7 +4384,7 @@
},
{
"name": "/groups/:group_id/files/:file_name/json",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_group_file_json",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_group_file_json",
"description": "Return the content of the specified group file parsed to JSON",
"summary": "Get a file in group",
"tags": [
@@ -4311,7 +4448,7 @@
},
{
"name": "/groups/:group_id/files/:file_name/xml",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_get_group_file_xml",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.get_group_file_xml",
"description": "Return the contents of the specified group file parsed to XML",
"summary": "Get a file in group",
"tags": [
@@ -4375,13 +4512,21 @@
},
{
"name": "/lists",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cdb_list_controller_get_lists",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cdb_list_controller.get_lists",
"description": "Return the contents of all CDB lists. Optionally, the result can be filtered by several criteria. See available parameters for more details",
"summary": "Get CDB lists info",
"tags": [
"Lists"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "filename",
"description": "Filter by filename",
@@ -4422,6 +4567,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "relative_dirname",
"description": "Filter by relative directory name",
@@ -4469,7 +4621,7 @@
},
{
"name": "/lists/files",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cdb_list_controller_get_lists_files",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cdb_list_controller.get_lists_files",
"description": "Return the path from all CDB lists. Use this method to know all the CDB lists and their location in the filesystem relative to Wazuh installation folder",
"summary": "Get CDB lists files",
"tags": [
@@ -4552,7 +4704,7 @@
},
{
"name": "/lists/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cdb_list_controller_get_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cdb_list_controller.get_file",
"description": "Return the content of a CDB list file. Only the filename can be specified. It will be searched recursively if not found",
"summary": "Get CDB list file content",
"tags": [
@@ -4598,7 +4750,7 @@
},
{
"name": "/manager/api/config",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_api_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_api_config",
"description": "Return the local API configuration in JSON format",
"summary": "Get API config",
"tags": [
@@ -4625,13 +4777,21 @@
},
{
"name": "/manager/configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_configuration",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_configuration",
"description": "Return wazuh configuration used. The 'section' and 'field' parameters will be ignored if 'raw' parameter is provided.",
"summary": "Get configuration",
"tags": [
"Manager"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "field",
"description": "Indicate a section child. E.g, fields for *ruleset* section are: decoder_dir, rule_dir, etc",
@@ -4708,7 +4868,7 @@
},
{
"name": "/manager/configuration/:component/:configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_manager_config_ondemand",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_manager_config_ondemand",
"description": "Return the requested active configuration in JSON format",
"summary": "Get active configuration",
"tags": [
@@ -4797,7 +4957,7 @@
},
{
"name": "/manager/configuration/validation",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_conf_validation",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_conf_validation",
"description": "Return whether the Wazuh configuration is correct",
"summary": "Check config",
"tags": [
@@ -4824,7 +4984,7 @@
},
{
"name": "/manager/daemons/stats",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_daemon_stats",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_daemon_stats",
"description": "Return Wazuh statistical information from specified daemons",
"summary": "Get Wazuh daemon stats",
"tags": [
@@ -4866,7 +5026,7 @@
},
{
"name": "/manager/info",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_info",
"description": "Return basic information such as version, compilation date, installation path",
"summary": "Get information",
"tags": [
@@ -4893,13 +5053,21 @@
},
{
"name": "/manager/logs",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_log",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_log",
"description": "Return the last 2000 wazuh log entries",
"summary": "Get logs",
"tags": [
"Manager"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "level",
"description": "Filter by log level",
@@ -4959,6 +5127,17 @@
"format": "search"
}
},
+ {
+ "name": "select",
+ "description": "Select which fields to return (separated by comma). Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "format": "names"
+ }
+ }
+ },
{
"name": "sort",
"description": "Sort the collection by a field or fields (separated by comma). Use +/- at the beggining to list in ascending or descending order. Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
@@ -4987,7 +5166,7 @@
},
{
"name": "/manager/logs/summary",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_log_summary",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_log_summary",
"description": "Return a summary of the last 2000 wazuh log entries",
"summary": "Get logs summary",
"tags": [
@@ -5014,7 +5193,7 @@
},
{
"name": "/manager/stats",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_stats",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_stats",
"description": "Return Wazuh statistical information for the current or specified date",
"summary": "Get stats",
"tags": [
@@ -5049,7 +5228,7 @@
},
{
"name": "/manager/stats/analysisd",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_stats_analysisd",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_stats_analysisd",
"description": "Return Wazuh analysisd statistical information",
"summary": "Get stats analysisd",
"tags": [
@@ -5076,7 +5255,7 @@
},
{
"name": "/manager/stats/hourly",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_stats_hourly",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_stats_hourly",
"description": "Return Wazuh statistical information per hour. Each number in the averages field represents the average of alerts per hour",
"summary": "Get stats hour",
"tags": [
@@ -5103,7 +5282,7 @@
},
{
"name": "/manager/stats/remoted",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_stats_remoted",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_stats_remoted",
"description": "Return Wazuh remoted statistical information",
"summary": "Get stats remoted",
"tags": [
@@ -5130,7 +5309,7 @@
},
{
"name": "/manager/stats/weekly",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_stats_weekly",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_stats_weekly",
"description": "Return Wazuh statistical information per week. Each number in the averages field represents the average of alerts per hour for that specific day",
"summary": "Get stats week",
"tags": [
@@ -5157,7 +5336,7 @@
},
{
"name": "/manager/status",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_get_status",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.get_status",
"description": "Return the status of all Wazuh daemons",
"summary": "Get status",
"tags": [
@@ -5184,13 +5363,21 @@
},
{
"name": "/mitre/groups",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_mitre_controller_get_groups",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.mitre_controller.get_groups",
"description": "Return the groups from MITRE database",
"summary": "Get MITRE groups",
"tags": [
"MITRE"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "group_ids",
"description": "List of MITRE's group IDs (separated by comma)",
@@ -5277,7 +5464,7 @@
},
{
"name": "/mitre/metadata",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_mitre_controller_get_metadata",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.mitre_controller.get_metadata",
"description": "Return the metadata from MITRE database",
"summary": "Get MITRE metadata",
"tags": [
@@ -5304,13 +5491,21 @@
},
{
"name": "/mitre/mitigations",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_mitre_controller_get_mitigations",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.mitre_controller.get_mitigations",
"description": "Return the mitigations from MITRE database",
"summary": "Get MITRE mitigations",
"tags": [
"MITRE"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -5397,7 +5592,7 @@
},
{
"name": "/mitre/references",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_mitre_controller_get_references",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.mitre_controller.get_references",
"description": "Return the references from MITRE database",
"summary": "Get MITRE references",
"tags": [
@@ -5490,13 +5685,21 @@
},
{
"name": "/mitre/software",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_mitre_controller_get_software",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.mitre_controller.get_software",
"description": "Return the software from MITRE database",
"summary": "Get MITRE software",
"tags": [
"MITRE"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -5583,13 +5786,21 @@
},
{
"name": "/mitre/tactics",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_mitre_controller_get_tactics",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.mitre_controller.get_tactics",
"description": "Return the tactics from MITRE database",
"summary": "Get MITRE tactics",
"tags": [
"MITRE"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -5676,13 +5887,21 @@
},
{
"name": "/mitre/techniques",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_mitre_controller_get_techniques",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.mitre_controller.get_techniques",
"description": "Return the techniques from MITRE database",
"summary": "Get MITRE techniques",
"tags": [
"MITRE"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -5769,7 +5988,7 @@
},
{
"name": "/overview/agents",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_overview_controller_get_overview_agents",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.overview_controller.get_overview_agents",
"description": "Return a dictionary with a full agents overview",
"summary": "Get agents overview",
"tags": [
@@ -5796,7 +6015,7 @@
},
{
"name": "/rootcheck/:agent_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rootcheck_controller_get_rootcheck_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rootcheck_controller.get_rootcheck_agent",
"description": "Return the rootcheck database of an agent",
"summary": "Get results",
"tags": [
@@ -5923,7 +6142,7 @@
},
{
"name": "/rootcheck/:agent_id/last_scan",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rootcheck_controller_get_last_scan_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rootcheck_controller.get_last_scan_agent",
"description": "Return the timestamp of the last rootcheck scan of an agent",
"summary": "Get last scan datetime",
"tags": [
@@ -5963,13 +6182,21 @@
},
{
"name": "/rules",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rule_controller_get_rules",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rule_controller.get_rules",
"description": "Return a list containing information about each rule such as file where it's defined, description, rule group, status, etc",
"summary": "List rules",
"tags": [
"Rules"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "filename",
"description": "Filter by filename",
@@ -6161,13 +6388,21 @@
},
{
"name": "/rules/files",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rule_controller_get_rules_files",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rule_controller.get_rules_files",
"description": "Return a list containing all files used to define rules and their status",
"summary": "Get files",
"tags": [
"Rules"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "filename",
"description": "Filter by filename of one or more rule or decoder files.",
@@ -6208,6 +6443,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "relative_dirname",
"description": "Filter by relative directory name",
@@ -6224,6 +6466,17 @@
"format": "search"
}
},
+ {
+ "name": "select",
+ "description": "Select which fields to return (separated by comma). Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
+ "schema": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "format": "names"
+ }
+ }
+ },
{
"name": "sort",
"description": "Sort the collection by a field or fields (separated by comma). Use +/- at the beggining to list in ascending or descending order. Use '.' for nested fields. For example, '{field1: field2}' may be selected with 'field1.field2'",
@@ -6257,7 +6510,7 @@
},
{
"name": "/rules/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rule_controller_get_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rule_controller.get_file",
"description": "Get the content of a specified rule in the ruleset",
"summary": "Get rules file content",
"tags": [
@@ -6291,6 +6544,14 @@
"type": "boolean"
}
},
+ {
+ "name": "relative_dirname",
+ "description": "Filter by relative directory name",
+ "schema": {
+ "type": "string",
+ "format": "get_dirnames_path"
+ }
+ },
{
"name": "wait_for_complete",
"description": "Disable timeout response",
@@ -6303,7 +6564,7 @@
},
{
"name": "/rules/groups",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rule_controller_get_rules_groups",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rule_controller.get_rules_groups",
"description": "Return a list containing all rule groups names",
"summary": "Get groups",
"tags": [
@@ -6367,7 +6628,7 @@
},
{
"name": "/rules/requirement/:requirement",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rule_controller_get_rules_requirement",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rule_controller.get_rules_requirement",
"description": "Return all specified requirement names defined in the Wazuh ruleset",
"summary": "Get requirements",
"tags": [
@@ -6449,7 +6710,7 @@
},
{
"name": "/sca/:agent_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_sca_controller_get_sca_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.sca_controller.get_sca_agent",
"description": "Return the security SCA database of an agent",
"summary": "Get results",
"tags": [
@@ -6574,7 +6835,7 @@
},
{
"name": "/sca/:agent_id/checks/:policy_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_sca_controller_get_sca_checks",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.sca_controller.get_sca_checks",
"description": "Return the policy monitoring alerts for a given policy",
"summary": "Get policy checks",
"tags": [
@@ -6787,7 +7048,7 @@
},
{
"name": "/security/actions",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_rbac_actions",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_rbac_actions",
"description": "Get all RBAC actions, including the potential related resources and endpoints.",
"summary": "List RBAC actions",
"tags": [
@@ -6813,7 +7074,7 @@
},
{
"name": "/security/config",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_security_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_security_config",
"description": "Return the security configuration in JSON format",
"summary": "Get security config",
"tags": [
@@ -6840,13 +7101,21 @@
},
{
"name": "/security/policies",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_policies",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_policies",
"description": "Get all policies in the system, including the administrator policy",
"summary": "List policies",
"tags": [
"Security"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -6888,6 +7157,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "search",
"description": "Look for elements containing the specified string. To obtain a complementary search, use '-' at the beginning",
@@ -6927,7 +7203,7 @@
},
{
"name": "/security/resources",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_rbac_resources",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_rbac_resources",
"description": "This method should be called to get all current defined RBAC resources.",
"summary": "List RBAC resources",
"tags": [
@@ -6966,13 +7242,21 @@
},
{
"name": "/security/roles",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_roles",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_roles",
"description": "For a specific list, indicate the ids separated by commas. Example: ?role_ids=1,2,3",
"summary": "List roles",
"tags": [
"Security"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -7002,6 +7286,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "role_ids",
"description": "List of role IDs (separated by comma)",
@@ -7053,13 +7344,21 @@
},
{
"name": "/security/rules",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_rules",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_rules",
"description": "Get a list of security rules from the system or all of them. These rules must be mapped with roles to obtain certain access privileges. For a specific list, indicate the ids separated by commas. Example: ?rule_ids=1,2,3",
"summary": "List security rules",
"tags": [
"Security"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -7089,6 +7388,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "rule_ids",
"description": "List of rule IDs (separated by comma)",
@@ -7140,7 +7446,7 @@
},
{
"name": "/security/user/authenticate",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_deprecated_login_user",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.deprecated_login_user",
"description": "This method should be called to get an API token. This token will expire after auth_token_exp_timeout seconds (default: 900). This value can be changed using PUT /security/config",
"summary": "Login",
"tags": [
@@ -7159,13 +7465,21 @@
},
{
"name": "/security/users",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_users",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_users",
"description": "Get the information of a specified user",
"summary": "List users",
"tags": [
"Security"
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -7195,6 +7509,13 @@
"default": false
}
},
+ {
+ "name": "q",
+ "description": "Query to filter results by. For example q="status=active"",
+ "schema": {
+ "type": "string"
+ }
+ },
{
"name": "search",
"description": "Look for elements containing the specified string. To obtain a complementary search, use '-' at the beginning",
@@ -7246,7 +7567,7 @@
},
{
"name": "/security/users/me",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_user_me",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_user_me",
"description": "Get the information of the current user",
"summary": "Get current user info",
"tags": [
@@ -7273,7 +7594,7 @@
},
{
"name": "/security/users/me/policies",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_get_user_me_policies",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.get_user_me_policies",
"description": "Get the processed policies information for the current user",
"summary": "Get current user processed policies",
"tags": [
@@ -7292,7 +7613,7 @@
},
{
"name": "/syscheck/:agent_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscheck_controller_get_syscheck_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscheck_controller.get_syscheck_agent",
"description": "Return FIM findings in the specified agent",
"summary": "Get results",
"tags": [
@@ -7482,7 +7803,7 @@
},
{
"name": "/syscheck/:agent_id/last_scan",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscheck_controller_get_last_scan_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscheck_controller.get_last_scan_agent",
"description": "Return when the last syscheck scan started and ended. If the scan is still in progress the end date will be unknown",
"summary": "Get last scan datetime",
"tags": [
@@ -7522,7 +7843,7 @@
},
{
"name": "/syscollector/:agent_id/hardware",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_hardware_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_hardware_info",
"description": "Return the agent's hardware info. This information include cpu, ram, scan info among others",
"summary": "Get agent hardware",
"tags": [
@@ -7573,7 +7894,7 @@
},
{
"name": "/syscollector/:agent_id/hotfixes",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_hotfix_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_hotfix_info",
"description": "Return all hotfixes installed by Microsoft(R) in Windows(R) systems (KB... fixes)",
"summary": "Get agent hotfixes",
"tags": [
@@ -7593,6 +7914,14 @@
}
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "hotfix",
"description": "Filter by hotfix",
@@ -7675,7 +8004,7 @@
},
{
"name": "/syscollector/:agent_id/netaddr",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_network_address_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_network_address_info",
"description": "Return the agent's network address info. This information include used IP protocol, interface, IP address among others",
"summary": "Get agent netaddr",
"tags": [
@@ -7711,6 +8040,14 @@
"format": "alphanumeric"
}
},
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "iface",
"description": "Filter by network interface",
@@ -7810,7 +8147,7 @@
},
{
"name": "/syscollector/:agent_id/netiface",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_network_interface_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_network_interface_info",
"description": "Return the agent's network interface info. This information include rx, scan, tx info and some network information among others",
"summary": "Get agent netiface",
"tags": [
@@ -7838,6 +8175,14 @@
"format": "alphanumeric"
}
},
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -8017,7 +8362,7 @@
},
{
"name": "/syscollector/:agent_id/netproto",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_network_protocol_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_network_protocol_info",
"description": "Return the agent's routing configuration for each network interface",
"summary": "Get agent netproto",
"tags": [
@@ -8051,6 +8396,14 @@
]
}
},
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "gateway",
"description": "Filter by network gateway",
@@ -8150,7 +8503,7 @@
},
{
"name": "/syscollector/:agent_id/os",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_os_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_os_info",
"description": "Return the agent's OS info. This information include os information, architecture information among others of all agents",
"summary": "Get agent OS",
"tags": [
@@ -8201,7 +8554,7 @@
},
{
"name": "/syscollector/:agent_id/packages",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_packages_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_packages_info",
"description": "Return the agent's packages info. This information include name, section, size, priority information of all packages among others",
"summary": "Get agent packages",
"tags": [
@@ -8229,6 +8582,14 @@
"format": "alphanumeric"
}
},
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "format",
"description": "Filter by file format. For example 'deb' will output deb files",
@@ -8334,7 +8695,7 @@
},
{
"name": "/syscollector/:agent_id/ports",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_ports_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_ports_info",
"description": "Return the agent's ports info. This information include local IP, Remote IP, protocol information among others",
"summary": "Get agent ports",
"tags": [
@@ -8354,6 +8715,14 @@
}
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "limit",
"description": "Maximum number of elements to return. Although up to 100.000 can be specified, it is recommended not to exceed 500 elements. Responses may be slower the more this number is exceeded. ",
@@ -8493,7 +8862,7 @@
},
{
"name": "/syscollector/:agent_id/processes",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscollector_controller_get_processes_info",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscollector_controller.get_processes_info",
"description": "Return the agent's processes info",
"summary": "Get agent processes",
"tags": [
@@ -8513,6 +8882,14 @@
}
],
"query": [
+ {
+ "name": "distinct",
+ "description": "Look for distinct values.",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
{
"name": "egroup",
"description": "Filter by process egroup",
@@ -8700,7 +9077,7 @@
},
{
"name": "/tasks/status",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_task_controller_get_tasks_status",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.task_controller.get_tasks_status",
"description": "Returns all available information about the specified tasks",
"summary": "List tasks",
"tags": [
@@ -8839,7 +9216,7 @@
},
{
"name": "/vulnerability/:agent_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_vulnerability_controller_get_vulnerability_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.vulnerability_controller.get_vulnerability_agent",
"description": "Return the vulnerabilities of an agent",
"summary": "Get vulnerabilities",
"tags": [
@@ -9005,7 +9382,7 @@
},
{
"name": "/vulnerability/:agent_id/last_scan",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_vulnerability_controller_get_last_scan_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.vulnerability_controller.get_last_scan_agent",
"description": "Return when the last full and partial vulnerability scan of a specified agent ended.",
"summary": "Get last scan datetime",
"tags": [
@@ -9045,7 +9422,7 @@
},
{
"name": "/vulnerability/:agent_id/summary/:field",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_vulnerability_controller_get_vulnerabilities_field_summary",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.vulnerability_controller.get_vulnerabilities_field_summary",
"description": "Return a summary of the vulnerabilities' field of an agent",
"summary": "Get agent vulnerabilities' field summary",
"tags": [
@@ -9126,7 +9503,7 @@
"endpoints": [
{
"name": "/active-response",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_active_response_controller_run_command",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.active_response_controller.run_command",
"description": "Run an Active Response command on all agents or a list of them",
"summary": "Run command",
"tags": [
@@ -9179,11 +9556,6 @@
"type": "string",
"format": "active_response_command"
},
- "custom": {
- "description": "Whether the specified command is a custom command or not",
- "type": "boolean",
- "default": false
- },
"alert": {
"type": "object",
"properties": {
@@ -9202,7 +9574,7 @@
},
{
"name": "/agents/:agent_id/group/:group_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_put_agent_single_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.put_agent_single_group",
"description": "Assign an agent to a specified group",
"summary": "Assign agent to group",
"tags": [
@@ -9259,7 +9631,7 @@
},
{
"name": "/agents/:agent_id/restart",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_restart_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.restart_agent",
"description": "Restart the specified agent",
"summary": "Restart agent",
"tags": [
@@ -9299,7 +9671,7 @@
},
{
"name": "/agents/group",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_put_multiple_agent_single_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.put_multiple_agent_single_group",
"description": "Assign all agents or a list of them to the specified group",
"summary": "Assign agents to group",
"tags": [
@@ -9356,7 +9728,7 @@
},
{
"name": "/agents/group/:group_id/restart",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_restart_agents_by_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.restart_agents_by_group",
"description": "Restart all agents which belong to a given group",
"summary": "Restart agents in group",
"tags": [
@@ -9395,7 +9767,7 @@
},
{
"name": "/agents/node/:node_id/restart",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_restart_agents_by_node",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.restart_agents_by_node",
"description": "Restart all agents which belong to a specific given node",
"summary": "Restart agents in node",
"tags": [
@@ -9433,7 +9805,7 @@
},
{
"name": "/agents/reconnect",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_reconnect_agents",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.reconnect_agents",
"description": "Force reconnect all agents or a list of them",
"summary": "Force reconnect agents",
"tags": [
@@ -9473,7 +9845,7 @@
},
{
"name": "/agents/restart",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_restart_agents",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.restart_agents",
"description": "Restart all agents or a list of them",
"summary": "Restart agents",
"tags": [
@@ -9513,7 +9885,7 @@
},
{
"name": "/agents/upgrade",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_put_upgrade_agents",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.put_upgrade_agents",
"description": "Upgrade agents using a WPK file from online repository. When upgrading more than 3000 agents at the same time, it's highly recommended to use the parameter `wait_for_complete` set to `true` to avoid a possible API timeout",
"summary": "Upgrade agents",
"tags": [
@@ -9674,7 +10046,7 @@
},
{
"name": "/agents/upgrade_custom",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_put_upgrade_custom_agents",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.put_upgrade_custom_agents",
"description": "Upgrade the agents using a local WPK file. When upgrading more than 3000 agents at the same time, it's highly recommended to use the parameter `wait_for_complete` set to `true` to avoid a possible API timeout",
"summary": "Upgrade agents custom",
"tags": [
@@ -9820,7 +10192,7 @@
},
{
"name": "/cluster/:node_id/configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_update_configuration",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.update_configuration",
"description": "Replace wazuh configuration for the given node with the data contained in the API request",
"summary": "Update node configuration",
"tags": [
@@ -9858,7 +10230,7 @@
},
{
"name": "/cluster/restart",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cluster_controller_put_restart",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cluster_controller.put_restart",
"description": "Restart all nodes in the cluster or a list of them",
"summary": "Restart nodes",
"tags": [
@@ -9895,7 +10267,7 @@
},
{
"name": "/decoders/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_decoder_controller_put_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.decoder_controller.put_file",
"description": "Upload or replace a user decoder file content",
"summary": "Update decoders file",
"tags": [
@@ -9929,6 +10301,14 @@
"default": false
}
},
+ {
+ "name": "relative_dirname",
+ "description": "Filter by relative directory name",
+ "schema": {
+ "type": "string",
+ "format": "get_dirnames_path"
+ }
+ },
{
"name": "wait_for_complete",
"description": "Disable timeout response",
@@ -9941,7 +10321,7 @@
},
{
"name": "/groups/:group_id/configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_put_group_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.put_group_config",
"description": "Update an specified group's configuration. This API call expects a full valid XML file with the shared configuration tags/syntax",
"summary": "Update group configuration",
"tags": [
@@ -9980,7 +10360,7 @@
},
{
"name": "/lists/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cdb_list_controller_put_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cdb_list_controller.put_file",
"description": "Replace or upload a CDB list file with the data contained in the API request",
"summary": "Update CDB list file",
"tags": [
@@ -10026,7 +10406,7 @@
},
{
"name": "/logtest",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_logtest_controller_run_logtest_tool",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.logtest_controller.run_logtest_tool",
"description": "Run logtest tool to check if a specified log raises any alert among other information",
"summary": "Run logtest",
"tags": [
@@ -10081,7 +10461,7 @@
},
{
"name": "/manager/configuration",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_update_configuration",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.update_configuration",
"description": "Replace Wazuh configuration with the data contained in the API request",
"summary": "Update Wazuh configuration",
"tags": [
@@ -10108,7 +10488,7 @@
},
{
"name": "/manager/restart",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_manager_controller_put_restart",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.manager_controller.put_restart",
"description": "Restart the wazuh manager",
"summary": "Restart manager",
"tags": [
@@ -10135,7 +10515,7 @@
},
{
"name": "/rootcheck",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rootcheck_controller_put_rootcheck",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rootcheck_controller.put_rootcheck",
"description": "Run rootcheck scan in all agents or a list of them",
"summary": "Run scan",
"tags": [
@@ -10175,7 +10555,7 @@
},
{
"name": "/rules/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rule_controller_put_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rule_controller.put_file",
"description": "Upload or replace a user ruleset file content",
"summary": "Update rules file",
"tags": [
@@ -10209,6 +10589,14 @@
"default": false
}
},
+ {
+ "name": "relative_dirname",
+ "description": "Filter by relative directory name",
+ "schema": {
+ "type": "string",
+ "format": "get_dirnames_path"
+ }
+ },
{
"name": "wait_for_complete",
"description": "Disable timeout response",
@@ -10221,7 +10609,7 @@
},
{
"name": "/security/config",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_put_security_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.put_security_config",
"description": "Update the security configuration with the data contained in the API request",
"summary": "Update security config",
"tags": [
@@ -10272,7 +10660,7 @@
},
{
"name": "/security/policies/:policy_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_update_policy",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.update_policy",
"description": "Modify a policy, at least one property must be indicated",
"summary": "Update policy",
"tags": [
@@ -10353,7 +10741,7 @@
},
{
"name": "/security/roles/:role_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_update_role",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.update_role",
"description": "Modify a role, cannot modify associated policies in this endpoint, at least one property must be indicated",
"summary": "Update role",
"tags": [
@@ -10405,7 +10793,7 @@
},
{
"name": "/security/rules/:rule_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_update_rule",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.update_rule",
"description": "Modify a security rule by specifying its ID",
"summary": "Update security rule",
"tags": [
@@ -10461,7 +10849,7 @@
},
{
"name": "/security/user/revoke",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_revoke_all_tokens",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.revoke_all_tokens",
"description": "This method should be called to revoke all active JWT tokens",
"summary": "Revoke JWT tokens",
"tags": [
@@ -10470,7 +10858,7 @@
},
{
"name": "/security/users/:user_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_update_user",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.update_user",
"description": "Modify a user's password by specifying their ID",
"summary": "Update users",
"tags": [
@@ -10520,7 +10908,7 @@
},
{
"name": "/security/users/:user_id/run_as",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_edit_run_as",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.edit_run_as",
"description": "Modify a user's allow_run_as flag by specifying their ID",
"summary": "Enable/Disable run_as",
"tags": [
@@ -10567,7 +10955,7 @@
},
{
"name": "/syscheck",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscheck_controller_put_syscheck",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscheck_controller.put_syscheck",
"description": "Run FIM scan in all agents",
"summary": "Run scan",
"tags": [
@@ -10607,7 +10995,7 @@
},
{
"name": "/vulnerability",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_vulnerability_controller_run_vulnerability_scan",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.vulnerability_controller.run_vulnerability_scan",
"description": "Run a vulnerability detector scan in all nodes",
"summary": "Run vulnerability detector scan",
"tags": [
@@ -10639,7 +11027,7 @@
"endpoints": [
{
"name": "/agents",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_add_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.add_agent",
"description": "Add a new agent",
"summary": "Add agent",
"tags": [
@@ -10686,7 +11074,7 @@
},
{
"name": "/agents/insert",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_insert_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.insert_agent",
"description": "Add an agent specifying its name, ID and IP. If an agent with the same name, the same ID or the same IP already exists, replace it using the `force` parameter",
"summary": "Add agent full",
"tags": [
@@ -10779,7 +11167,7 @@
},
{
"name": "/agents/insert/quick",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_post_new_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.post_new_agent",
"description": "Add a new agent with name `agent_name`. This agent will use `any` as IP",
"summary": "Add agent quick",
"tags": [
@@ -10814,9 +11202,53 @@
}
]
},
+ {
+ "name": "/events",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.event_controller.forward_event",
+ "description": "Send security events to analysisd.\n\nThe endpoint is limited to receiving a max of 30 requests per minute and a max bulk size of 100 events per request.",
+ "summary": "Ingest events",
+ "tags": [
+ "Events"
+ ],
+ "query": [
+ {
+ "name": "pretty",
+ "description": "Show results in human-readable format",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ },
+ {
+ "name": "wait_for_complete",
+ "description": "Disable timeout response",
+ "schema": {
+ "type": "boolean",
+ "default": false
+ }
+ }
+ ],
+ "body": [
+ {
+ "type": "object",
+ "properties": {
+ "events": {
+ "description": "Bulk of events",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ },
+ "required": [
+ "events"
+ ]
+ }
+ ]
+ },
{
"name": "/groups",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_post_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.post_group",
"description": "Create a new group",
"summary": "Create a group",
"tags": [
@@ -10859,7 +11291,7 @@
},
{
"name": "/security/policies",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_add_policy",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.add_policy",
"description": "Add a new policy, all fields need to be specified",
"summary": "Add policy",
"tags": [
@@ -10932,7 +11364,7 @@
},
{
"name": "/security/roles",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_add_role",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.add_role",
"description": "Add a new role, all fields need to be specified",
"summary": "Add role",
"tags": [
@@ -10975,7 +11407,7 @@
},
{
"name": "/security/roles/:role_id/policies",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_set_role_policy",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.set_role_policy",
"description": "Create a specified relation role-policy, one role may have multiples policies",
"summary": "Add policies to role",
"tags": [
@@ -11036,7 +11468,7 @@
},
{
"name": "/security/roles/:role_id/rules",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_set_role_rule",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.set_role_rule",
"description": "Create a specific role-rule relation. One role may have multiple security rules",
"summary": "Add security rules to role",
"tags": [
@@ -11088,7 +11520,7 @@
},
{
"name": "/security/rules",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_add_rule",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.add_rule",
"description": "Add a new security rule",
"summary": "Add security rule",
"tags": [
@@ -11136,7 +11568,7 @@
},
{
"name": "/security/user/authenticate",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_login_user",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.login_user",
"description": "This method should be called to get an API token. This token will expire after auth_token_exp_timeout seconds (default: 900). This value can be changed using PUT /security/config",
"summary": "Login",
"tags": [
@@ -11155,7 +11587,7 @@
},
{
"name": "/security/user/authenticate/run_as",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_run_as_login",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.run_as_login",
"description": "This method should be called to get an API token using an authorization context body. This token will expire after auth_token_exp_timeout seconds (default: 900). This value can be changed using PUT /security/config",
"summary": "Login auth_context",
"tags": [
@@ -11174,7 +11606,7 @@
},
{
"name": "/security/users",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_create_user",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.create_user",
"description": "Add a new API user to the system",
"summary": "Add user",
"tags": [
@@ -11222,7 +11654,7 @@
},
{
"name": "/security/users/:user_id/roles",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_set_user_role",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.set_user_role",
"description": "Create a specified relation role-policy, one user may have multiples roles",
"summary": "Add roles to user",
"tags": [
@@ -11288,7 +11720,7 @@
"endpoints": [
{
"name": "/agents",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_delete_agents",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.delete_agents",
"description": "Delete all agents or a list of them based on optional criteria",
"summary": "Delete agents",
"tags": [
@@ -11453,7 +11885,7 @@
},
{
"name": "/agents/:agent_id/group",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_delete_single_agent_multiple_groups",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.delete_single_agent_multiple_groups",
"description": "Remove the agent from all groups or a list of them. The agent will automatically revert to the default group if it is removed from all its assigned groups",
"summary": "Remove agent from groups",
"tags": [
@@ -11505,7 +11937,7 @@
},
{
"name": "/agents/:agent_id/group/:group_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_delete_single_agent_single_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.delete_single_agent_single_group",
"description": "Remove an agent from a specified group. If the agent belongs to several groups, only the specified group will be deleted.",
"summary": "Remove agent from group",
"tags": [
@@ -11555,7 +11987,7 @@
},
{
"name": "/agents/group",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_delete_multiple_agent_single_group",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.delete_multiple_agent_single_group",
"description": "Remove all agents assignment or a list of them from the specified group",
"summary": "Remove agents from group",
"tags": [
@@ -11606,7 +12038,7 @@
},
{
"name": "/decoders/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_decoder_controller_delete_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.decoder_controller.delete_file",
"description": "Delete a specified decoder file",
"summary": "Delete decoders file",
"tags": [
@@ -11632,6 +12064,14 @@
"default": false
}
},
+ {
+ "name": "relative_dirname",
+ "description": "Filter by relative directory name",
+ "schema": {
+ "type": "string",
+ "format": "get_dirnames_path"
+ }
+ },
{
"name": "wait_for_complete",
"description": "Disable timeout response",
@@ -11644,7 +12084,7 @@
},
{
"name": "/experimental/rootcheck",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_clear_rootcheck_database",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.clear_rootcheck_database",
"description": "Clear rootcheck database for all agents or a list of them",
"summary": "Clear rootcheck results",
"tags": [
@@ -11685,7 +12125,7 @@
},
{
"name": "/experimental/syscheck",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_experimental_controller_clear_syscheck_database",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.experimental_controller.clear_syscheck_database",
"description": "Clear the syscheck database for all agents or a list of them",
"summary": "Clear agents FIM results",
"tags": [
@@ -11726,7 +12166,7 @@
},
{
"name": "/groups",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_agent_controller_delete_groups",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.agent_controller.delete_groups",
"description": "Delete all groups or a list of them",
"summary": "Delete groups",
"tags": [
@@ -11767,7 +12207,7 @@
},
{
"name": "/lists/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_cdb_list_controller_delete_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.cdb_list_controller.delete_file",
"description": "Delete a specified CDB list file. Only the filename can be specified. It will be searched recursively if not found",
"summary": "Delete CDB list file",
"tags": [
@@ -11805,7 +12245,7 @@
},
{
"name": "/logtest/sessions/:token",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_logtest_controller_end_logtest_session",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.logtest_controller.end_logtest_session",
"description": "Delete the saved logtest session corresponding to {token}",
"summary": "End session",
"tags": [
@@ -11843,7 +12283,7 @@
},
{
"name": "/rootcheck/:agent_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rootcheck_controller_delete_rootcheck",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rootcheck_controller.delete_rootcheck",
"description": "Clear an agent's rootcheck database",
"summary": "Clear results",
"tags": [
@@ -11883,7 +12323,7 @@
},
{
"name": "/rules/files/:filename",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_rule_controller_delete_file",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.rule_controller.delete_file",
"description": "Delete a specified rule file",
"summary": "Delete rules file",
"tags": [
@@ -11909,6 +12349,14 @@
"default": false
}
},
+ {
+ "name": "relative_dirname",
+ "description": "Filter by relative directory name",
+ "schema": {
+ "type": "string",
+ "format": "get_dirnames_path"
+ }
+ },
{
"name": "wait_for_complete",
"description": "Disable timeout response",
@@ -11921,7 +12369,7 @@
},
{
"name": "/security/config",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_delete_security_config",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.delete_security_config",
"description": "Replaces the security configuration with the original one",
"summary": "Restore default security config",
"tags": [
@@ -11948,7 +12396,7 @@
},
{
"name": "/security/policies",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_remove_policies",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.remove_policies",
"description": "Delete a list of policies or all policies in the system, roles linked to policies are not going to be removed",
"summary": "Delete policies",
"tags": [
@@ -11988,7 +12436,7 @@
},
{
"name": "/security/roles",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_remove_roles",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.remove_roles",
"description": "Policies linked to roles are not going to be removed",
"summary": "Delete roles",
"tags": [
@@ -12028,7 +12476,7 @@
},
{
"name": "/security/roles/:role_id/policies",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_remove_role_policy",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.remove_role_policy",
"description": "Delete a specified relation role-policy",
"summary": "Remove policies from role",
"tags": [
@@ -12080,7 +12528,7 @@
},
{
"name": "/security/roles/:role_id/rules",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_remove_role_rule",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.remove_role_rule",
"description": "Delete a specific role-rule relation",
"summary": "Remove security rules from role",
"tags": [
@@ -12132,7 +12580,7 @@
},
{
"name": "/security/rules",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_remove_rules",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.remove_rules",
"description": "Delete a list of security rules or all security rules in the system, roles linked to rules are not going to be deleted",
"summary": "Delete security rules",
"tags": [
@@ -12172,7 +12620,7 @@
},
{
"name": "/security/user/authenticate",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_logout_user",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.logout_user",
"description": "This method should be called to invalidate all the current user's tokens",
"summary": "Logout current user",
"tags": [
@@ -12181,7 +12629,7 @@
},
{
"name": "/security/users",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_delete_users",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.delete_users",
"description": "Delete a list of users by specifying their IDs",
"summary": "Delete users",
"tags": [
@@ -12221,7 +12669,7 @@
},
{
"name": "/security/users/:user_id/roles",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_security_controller_remove_user_role",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.security_controller.remove_user_role",
"description": "Delete a specified relation user-roles",
"summary": "Remove roles from user",
"tags": [
@@ -12273,7 +12721,7 @@
},
{
"name": "/syscheck/:agent_id",
- "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api_controllers_syscheck_controller_delete_syscheck_agent",
+ "documentation": "https://documentation.wazuh.com/4.8/user-manual/api/reference.html#operation/api.controllers.syscheck_controller.delete_syscheck_agent",
"description": "Clear file integrity monitoring scan results for a specified agent. Only available for agents < 3.12.0, it doesn't apply for more recent ones",
"summary": "Clear results",
"tags": [
diff --git a/plugins/main/common/api-info/security-actions.json b/plugins/main/common/api-info/security-actions.json
index c9b571e3e2..37d13fe040 100644
--- a/plugins/main/common/api-info/security-actions.json
+++ b/plugins/main/common/api-info/security-actions.json
@@ -1126,5 +1126,23 @@
"GET /vulnerability/{agent_id}/last_scan",
"GET /vulnerability/{agent_id}/summary/{field}"
]
+ },
+ "event:ingest": {
+ "description": "Ingest events",
+ "resources": [
+ "*:*"
+ ],
+ "example": {
+ "actions": [
+ "event:ingest"
+ ],
+ "resources": [
+ "*:*:*"
+ ],
+ "effect": "allow"
+ },
+ "related_endpoints": [
+ "POST /events"
+ ]
}
}
\ No newline at end of file
diff --git a/plugins/main/package.json b/plugins/main/package.json
index 3c3826d3ba..01854fb80b 100644
--- a/plugins/main/package.json
+++ b/plugins/main/package.json
@@ -3,7 +3,7 @@
"version": "4.8.0",
"revision": "00",
"pluginPlatform": {
- "version": "2.9.0"
+ "version": "2.10.0"
},
"description": "Wazuh dashboard",
"keywords": [
diff --git a/plugins/main/public/components/agents/__snapshots__/agent-status.test.tsx.snap b/plugins/main/public/components/agents/__snapshots__/agent-status.test.tsx.snap
index e9894d11db..6253e66ffd 100644
--- a/plugins/main/public/components/agents/__snapshots__/agent-status.test.tsx.snap
+++ b/plugins/main/public/components/agents/__snapshots__/agent-status.test.tsx.snap
@@ -118,7 +118,7 @@ exports[`AgentStatus component Renders status indicator with the its color and t
xmlns="http://www.w3.org/2000/svg"
>
@@ -185,7 +185,7 @@ exports[`AgentStatus component Renders status indicator with the its color and t
xmlns="http://www.w3.org/2000/svg"
>
@@ -252,7 +252,7 @@ exports[`AgentStatus component Renders status indicator with the its color and t
xmlns="http://www.w3.org/2000/svg"
>
diff --git a/plugins/main/public/components/agents/syscollector/__snapshots__/inventory.test.tsx.snap b/plugins/main/public/components/agents/syscollector/__snapshots__/inventory.test.tsx.snap
index 539eeb3f55..f515d70f35 100644
--- a/plugins/main/public/components/agents/syscollector/__snapshots__/inventory.test.tsx.snap
+++ b/plugins/main/public/components/agents/syscollector/__snapshots__/inventory.test.tsx.snap
@@ -147,7 +147,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -352,7 +352,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -531,7 +531,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -865,7 +865,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -1070,7 +1070,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -1252,7 +1252,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -1457,7 +1457,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -1641,7 +1641,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -1847,7 +1847,7 @@ exports[`Inventory component A Apple agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -4279,7 +4279,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -4484,7 +4484,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -4663,7 +4663,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -5021,7 +5021,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -5226,7 +5226,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -5405,7 +5405,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -5610,7 +5610,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -5696,7 +5696,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -5901,7 +5901,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -6061,7 +6061,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
@@ -6267,7 +6267,7 @@ exports[`Inventory component A Windows agent should be well rendered. 1`] = `
xmlns="http://www.w3.org/2000/svg"
>
diff --git a/plugins/main/public/controllers/agent/components/__snapshots__/agent-table.test.tsx.snap b/plugins/main/public/controllers/agent/components/__snapshots__/agent-table.test.tsx.snap
index 828132dbed..c13fb6e2cd 100644
--- a/plugins/main/public/controllers/agent/components/__snapshots__/agent-table.test.tsx.snap
+++ b/plugins/main/public/controllers/agent/components/__snapshots__/agent-table.test.tsx.snap
@@ -611,7 +611,7 @@ exports[`AgentsTable component Renders correctly to match the snapshot with cust
xmlns="http://www.w3.org/2000/svg"
>
@@ -644,7 +644,7 @@ exports[`AgentsTable component Renders correctly to match the snapshot with cust
xmlns="http://www.w3.org/2000/svg"
>
@@ -811,7 +811,7 @@ exports[`AgentsTable component Renders correctly to match the snapshot with cust
xmlns="http://www.w3.org/2000/svg"
>
@@ -928,7 +928,7 @@ exports[`AgentsTable component Renders correctly to match the snapshot with cust
xmlns="http://www.w3.org/2000/svg"
>
@@ -1155,7 +1155,7 @@ exports[`AgentsTable component Renders correctly to match the snapshot with no p
xmlns="http://www.w3.org/2000/svg"
>
@@ -1188,7 +1188,7 @@ exports[`AgentsTable component Renders correctly to match the snapshot with no p
xmlns="http://www.w3.org/2000/svg"
>
@@ -1355,7 +1355,7 @@ exports[`AgentsTable component Renders correctly to match the snapshot with no p
xmlns="http://www.w3.org/2000/svg"
>
@@ -1472,7 +1472,7 @@ exports[`AgentsTable component Renders correctly to match the snapshot with no p
xmlns="http://www.w3.org/2000/svg"
>
diff --git a/plugins/main/public/controllers/agent/register-agent/steps/__snapshots__/server-address.test.tsx.snap b/plugins/main/public/controllers/agent/register-agent/steps/__snapshots__/server-address.test.tsx.snap
index d41e54d637..5326643f51 100644
--- a/plugins/main/public/controllers/agent/register-agent/steps/__snapshots__/server-address.test.tsx.snap
+++ b/plugins/main/public/controllers/agent/register-agent/steps/__snapshots__/server-address.test.tsx.snap
@@ -70,7 +70,7 @@ exports[`Server Address Combobox should match snapshot 1`] = `
xmlns="http://www.w3.org/2000/svg"
>