POC engine UX - security policy management #216
Comments
Reserved
Research - Rule relationship visualization
I was exploring the idea of representing the rule relationships through a Vega visualization. I don't know what the final document schema of a rule definition is, but I defined a simple schema to test the representation of rule relationships, storing it in the rules data:
Reviewing the chart types, I decided to test with the Tree layout.
ℹ️ From my tests, the
Following this approach I store some data on an index on Wazuh indexer
I created an index where I store some mocked documents related to rules.
Then I indexed some documents:
With the rule data on the Wazuh indexer, I created a visualization of
Notes:
Vega visualization definition
Then, I got the visualization definition and used the same mechanism to render a dashboard used on the main plugin, and I got the visualization:
Mocked API response and flyout added
Update 08/07
Description
We have to create a new proof of concept plugin that allows the user to manage the new engine.
The engine has the following object types:
Related to the security policy management the engine defines:
These concepts are defined in the engine user manual
Based on this, we need to propose a UI to manage these concepts.
We need to provide an intuitive interface for the engine configuration changes, allowing users to easily adjust settings.
It should list the engine configuration and provide a form to edit each setting, ideally using different controls for different configuration data types, validating the user input.
Also, we need to provide a way to manage KVDBs, which are the replacement for the current CDBs. The main difference is that KVDBs are dynamic and can be updated while the policy is running. KVDBs will not be stored in the indexer, so these operations should assume they will be accessed using the API.
References
Plan