Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Spike - Initial indexer initialization plugin design #256

Closed
3 tasks done
Tracked by #22887
AlexRuiz7 opened this issue Jun 5, 2024 · 1 comment
Closed
3 tasks done
Tracked by #22887

Spike - Initial indexer initialization plugin design #256

AlexRuiz7 opened this issue Jun 5, 2024 · 1 comment
Assignees
Labels
level/task Task issue request/operational Operational requests type/enhancement Enhancement issue

Comments

@AlexRuiz7
Copy link
Member

AlexRuiz7 commented Jun 5, 2024

Description

As part of the new Data Persistence Model to be implemented across Wazuh, we want to develop a plugin for the Wazuh Indexer to ensure that all of its requirements are ready during its initialization. The initialization process would consist of these currently identified requirements (these may change):

  • Creating the stateless stream indices and their index templates (mappings and settings).
  • Creating the stateful indices and their index templates (mappings and settings).
  • Creating the agent index and its index template (mappings and settings).
  • All necessary users and their minimum permissions (RBAC).
  • Rollover + alias configuration for stream indices.

On this spike, we will design, build and test a PoC of this plugin.

The goal of this issue is to collect the knowledge base to scaffold a Wazuh Indexer plugin for development, interact with its life cycle, automatically test its features and explore these capabilities:

  • create indices and index templates (mappings)
  • communicate and interact with other plugins, for example, Index Management

Functional requirements

  • The plugin's uses OpenSearch's lifecycle to initialize the features mentioned above.
  • The plugin includes error handling to notify the users of errors in an understandable manner.
  • The Wazuh Indexer will not allow indexing until it's being initialized correctly.

Implementation restrictions

  • We will use Java as the programming language.
  • The initialization plugin will be included in the Wazuh Indexer packages by default.

Plan

@AlexRuiz7 AlexRuiz7 added level/task Task issue request/operational Operational requests type/enhancement Enhancement issue labels Jun 5, 2024
@wazuhci wazuhci moved this to Triage in Release 5.0.0 Jun 5, 2024
@wazuhci wazuhci moved this from Triage to Backlog in Release 5.0.0 Jun 10, 2024
@AlexRuiz7 AlexRuiz7 self-assigned this Jun 18, 2024
@wazuhci wazuhci moved this from Backlog to In progress in Release 5.0.0 Jun 18, 2024
@wazuhci wazuhci moved this from In progress to On hold in Release 5.0.0 Jun 20, 2024
@AlexRuiz7
Copy link
Member Author

We'll continue defining the remaining ECS compliant templates as part of the MVP stage.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
level/task Task issue request/operational Operational requests type/enhancement Enhancement issue
Projects
Status: Done
Development

No branches or pull requests

1 participant