Merge 4.10.2 into master #514

Merged
merged 100 commits into from
Nov 5, 2024
9ad2f82
Init wazuh-indexer (#3)
AlexRuiz7 Aug 3, 2023
352e675
Create codeql.yml
AlexRuiz7 Aug 3, 2023
91fef34
Update dependabot.yml
AlexRuiz7 Aug 3, 2023
ce79f5a
Update SECURITY.md (#30)
AlexRuiz7 Sep 19, 2023
bf09e9b
Add ECS mappings generator (#36)
AlexRuiz7 Oct 9, 2023
a614448
Add default query fields to vulnerability detector index (#40)
AlexRuiz7 Oct 20, 2023
6722947
Create gradle_build.yml
AlexRuiz7 Oct 20, 2023
d376486
Update gradle_build.yml
AlexRuiz7 Oct 20, 2023
91a2de0
Add a script to configure the rollover policy (#49)
AlexRuiz7 Nov 2, 2023
0369a4e
Update ISM init script (#50)
AlexRuiz7 Nov 7, 2023
2e7f6d4
Fix bug with -i option (#51)
AlexRuiz7 Nov 8, 2023
9d5e91c
Update min_doc_count value (#52)
AlexRuiz7 Nov 14, 2023
a5f309d
Improve ISM init script (#57)
AlexRuiz7 Nov 15, 2023
bf4d828
Update distribution files (#59)
AlexRuiz7 Nov 22, 2023
b07b964
Update documentation of the ECS tooling (#67)
AlexRuiz7 Nov 28, 2023
5607ca0
Add workflow for package generation (#65)
AlexRuiz7 Nov 28, 2023
df8760e
Add docker compose environment (#66)
AlexRuiz7 Nov 29, 2023
aef0064
Rename packages to wazuh-indexer (#69)
AlexRuiz7 Dec 5, 2023
692ee6a
Update vulnerability index mappings (#75)
AlexRuiz7 Dec 7, 2023
f6c9a3c
Update `indexer-ism-init.sh` (#81)
AlexRuiz7 Dec 18, 2023
693c074
Add workflow to assemble packages (#85)
AlexRuiz7 Dec 26, 2023
458c7ee
Fix yellow cluster state (#95)
AlexRuiz7 Dec 27, 2023
62d4295
Update ism-init script (#97)
AlexRuiz7 Jan 3, 2024
3b126b8
Add tools to assemble DEB packages (#96)
AlexRuiz7 Jan 4, 2024
483f4c5
Update README.md
AlexRuiz7 Jan 4, 2024
fba5a68
Build scripts and GH workflows artifacts naming fix (#112)
f-galland Jan 10, 2024
2dfe8e9
Use short SHA as Git reference in packages naming (#100)
f-galland Jan 10, 2024
c85f426
Remove unneeded files from assembled packages (#115)
f-galland Jan 12, 2024
347103e
Add missing tools and files back into Wazuh Indexer packages (#117)
f-galland Jan 12, 2024
25c9179
Remove unneeded symbolic links from assembled packages (#121)
f-galland Jan 15, 2024
d10c450
Update issue templates (#127)
AlexRuiz7 Jan 16, 2024
fca8376
Fix RPM package references to /var/run (#119)
f-galland Jan 18, 2024
bc9546c
Removing post-install message from wazuh-indexer.rpm.spec (#131)
f-galland Jan 18, 2024
828c2f8
Add tests to the packages building process (#132)
AlexRuiz7 Jan 18, 2024
1ba2351
Get Wazuh version from VERSION file (#122)
f-galland Jan 19, 2024
3fe6905
Removing /usr/share/lintian/overrides/wazuh-indexer from deb packages…
f-galland Jan 19, 2024
b9b0aa0
Add `wazuh-template.json` to packages (#116)
f-galland Jan 19, 2024
724b7a5
Adding Debian packaging config files from Opensearch (#118)
f-galland Jan 19, 2024
c142fcd
Fix Build workflow to run on push events (#134)
AlexRuiz7 Jan 19, 2024
e89f567
Use maven for plugin download (#139)
f-galland Jan 22, 2024
23bf3a1
Add new custom field to the vulnerability detector index (#141)
AlexRuiz7 Jan 25, 2024
fb01cc0
Fine tuning permissions on assembled packages (#137)
f-galland Jan 30, 2024
3e7c582
Init. Amazon Security Lake integration (#143)
AlexRuiz7 Jan 31, 2024
c3a9d49
Add events generator tool for `wazuh-alerts` (#152)
AlexRuiz7 Feb 15, 2024
9024768
Add `wazuh.manager.name` to VD mappings (#158)
AlexRuiz7 Feb 20, 2024
4d9f2a5
Create compatibility_request.md (#163)
AlexRuiz7 Feb 23, 2024
de40567
Add Python module to accomplish OCSF compliant events (#159)
AlexRuiz7 Mar 4, 2024
092874c
Update Gradle setup action (#182)
AlexRuiz7 Mar 7, 2024
8e4d75b
Update vulnerability-states fields (#177)
AlexRuiz7 Mar 7, 2024
f152f81
Automate package's testing (#178)
AlexRuiz7 Mar 8, 2024
30f7084
Remove ecs.version from query.default_fields (#184)
AlexRuiz7 Mar 8, 2024
9eeb248
Upload packages to S3 (#179)
AlexRuiz7 Mar 8, 2024
8f07f88
Add bash to Docker dev image (#185)
AlexRuiz7 Mar 15, 2024
fa72a21
Update wazuh-states-vulnerabilities index mapping (#191)
AlexRuiz7 Mar 26, 2024
b6c98d6
Add pipeline to generate release packages (#193)
AlexRuiz7 Mar 27, 2024
43cc0d7
Build Docker images (#194)
AlexRuiz7 Apr 4, 2024
9af6fe8
Add on.workflow_call to build_single.yml workflow (#200)
AlexRuiz7 Apr 9, 2024
b936fe6
Add Python module to implement Amazon Security Lake integration (#186)
AlexRuiz7 Apr 9, 2024
224a291
Replace choice with string on workflow_call (#207)
AlexRuiz7 Apr 18, 2024
0ca9f27
Use AWS_REGION secret (#209)
AlexRuiz7 Apr 24, 2024
a40b93b
Add Lambda function for the Amazon Security Lake integration (#189)
AlexRuiz7 Apr 24, 2024
bf2f55c
Bump Java version in Docker environments (#210)
AlexRuiz7 Apr 26, 2024
7fe7096
Fix access denied error during log rotation (#212)
AlexRuiz7 Apr 26, 2024
9c65d2b
Save intermediate OCSF files to an S3 bucket (#218)
AlexRuiz7 Apr 26, 2024
6127124
Fix Parquet files format (#217)
AlexRuiz7 Apr 26, 2024
d85d99f
Fix mapping to Detection Finding OCSF class (#220)
AlexRuiz7 Apr 29, 2024
d7786a3
Map events to OCSF's Security Finding class (#221)
AlexRuiz7 Apr 30, 2024
701190c
Add ID input to workflows (#229)
rauldpm May 17, 2024
31ac9a6
Add OPENSEARCH_TMPDIR variable to service and create directory in pac…
f-galland May 21, 2024
6de22a1
Improve workflow's run-name with target system and architecture (#237)
AlexRuiz7 May 28, 2024
4efe0a2
Add documentation for the Amazon Security Lake integration (#226)
AlexRuiz7 May 28, 2024
909a9e2
Rename environment variable (#240)
AlexRuiz7 May 28, 2024
816fa2d
Remove maintainer-approval.yml (#241)
AlexRuiz7 May 28, 2024
f5d00c2
Improve logging and error handling on ASL Lambda function (#242)
AlexRuiz7 May 29, 2024
ec9fd89
Update .gitattributes (#243)
AlexRuiz7 May 29, 2024
7a665ae
Change . for : in debian's postinst (#245)
f-galland May 31, 2024
12311e8
Add integration with Elastic (#248)
AlexRuiz7 Jun 5, 2024
c5d13aa
Added S3 URI output to package generation upload (#249)
rauldpm Jun 7, 2024
e1d0334
Add OpenSearch integration (#258)
f-galland Jun 7, 2024
5e4c84f
Add Splunk integration (#257)
AlexRuiz7 Jun 11, 2024
aae3b6f
Add Manager to Elastic integration (#266)
AlexRuiz7 Jun 12, 2024
f4cc1e6
Add Manager to Splunk integration (#268)
AlexRuiz7 Jun 14, 2024
5a7445a
Add Manager to OpenSearch integration (#267)
AlexRuiz7 Jun 14, 2024
4609871
Attempt nr.2 to fix #277 (#280)
AlexRuiz7 Jun 25, 2024
b32fa76
Remove references to indexer-ism-init.sh and wazuh-template.json (#281)
f-galland Jun 25, 2024
95f1e12
Bump 4.10.0 (#272)
AlexRuiz7 Jun 20, 2024
b4d103d
Merge 4.9.1 into 4.10.0 (#358)
AlexRuiz7 Aug 20, 2024
b8c8bab
Merge 4.9.2 into 4.10.0 (#378)
AlexRuiz7 Sep 6, 2024
d616b80
Fix build.gradle (#381)
AlexRuiz7 Sep 9, 2024
f53e992
Remove old compose files for integrations (#386)
AlexRuiz7 Sep 9, 2024
095d2e3
Delete integrations/docker/amazon-security-lake.yml
AlexRuiz7 Sep 9, 2024
c629334
Delete integrations/docker/config directory
AlexRuiz7 Sep 9, 2024
066c12a
Update vulnerability detector index template (#383)
AlexRuiz7 Sep 9, 2024
ce1c6b2
Merge 4.9.1 into 4.10.0 (#426)
AlexRuiz7 Sep 23, 2024
aad4754
Bump version to 4.10.1 (#430)
AlexRuiz7 Sep 24, 2024
ed170ac
Support new version 4.10.2 (#441)
AlexRuiz7 Oct 3, 2024
abe5f5f
Enable assembly of ARM packages (#444)
AlexRuiz7 Oct 4, 2024
e6e60cd
Merge 4.10.1 into 4.10.2 (#473)
AlexRuiz7 Oct 17, 2024
a7bbb60
Merge 4.10.1 into 4.10.2 (#513)
AlexRuiz7 Nov 5, 2024
f9d9a2b
Merge branch '4.10.2' into merge-4.10.2-into-master
AlexRuiz7 Nov 5, 2024
13 changes: 10 additions & 3 deletions distribution/packages/src/deb/debian/postinst
Expand Up @@ -19,7 +19,7 @@ data_dir=/var/lib/wazuh-indexer
log_dir=/var/log/wazuh-indexer
pid_dir=/run/wazuh-indexer
tmp_dir=/var/log/wazuh-indexer/tmp

restart_service=/tmp/wazuh-indexer.restart

# Create needed directories
mkdir -p ${tmp_dir}
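Review bot: the new `restart_service=/tmp/wazuh-indexer.restart` marker sits at a fixed name in world-writable /tmp, and this maintainer script runs as root. Any local user can pre-create that file so that the next install or upgrade restarts the service, and the matching `touch` in preinst will operate on whatever has already been placed at that path. The RPM spec in this same PR keeps its marker under `%{tmp_dir}`; using `${tmp_dir}/wazuh-indexer.restart` here (the directory is defined just above and created just below) would keep the marker in a package-owned location and make both package formats consistent.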
Expand All @@ -46,6 +46,15 @@ if command -v systemd-tmpfiles > /dev/null; then
systemd-tmpfiles --create wazuh-indexer.conf
fi

if [ -f $restart_service ]; then
rm -f $restart_service
echo "Restarting wazuh-indexer service..."
if command -v systemctl > /dev/null; then
systemctl restart wazuh-indexer.service > /dev/null 2>&1
fi
exit 0
fi

# Messages
echo "### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd"
echo " sudo systemctl daemon-reload"
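Review bot: in the restart block, `rm -f $restart_service` and the "Restarting wazuh-indexer service..." message run before the `command -v systemctl` check, and `exit 0` follows unconditionally, so on a host without systemctl the script announces a restart that never happens and skips the start-up instructions below. The RPM `%post` in this PR puts the echo and `exit 0` inside the systemctl check; mirroring that here keeps the two in step. The restart also sends both output streams to /dev/null, so a failed restart after an upgrade leaves no trace; consider checking the exit status and printing a warning.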
Expand All @@ -54,5 +63,3 @@ echo "### You can start wazuh-indexer service by executing"
echo " sudo systemctl start wazuh-indexer.service"

exit 0


4 changes: 4 additions & 0 deletions distribution/packages/src/deb/debian/preinst
Expand Up @@ -13,10 +13,14 @@ set -e

echo "Running Wazuh Indexer Pre-Installation Script"

# Reference to restore actual service status
restart_service=/tmp/wazuh-indexer.restart

# Stop existing service
if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer.service >/dev/null; then
echo "Stop existing wazuh-indexer.service"
systemctl --no-reload stop wazuh-indexer.service
touch $restart_service
fi
if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer-performance-analyzer.service >/dev/null; then
echo "Stop existing wazuh-indexer-performance-analyzer.service"
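Review bot: `touch $restart_service` leaves the marker behind if the upgrade aborts between preinst and postinst, since nothing visible here removes it on failure; a later install would then find it in postinst and restart the service. Consider an `rm -f $restart_service` before the `is-active` check so each run starts clean. Because the script runs under `set -e`, a failing `touch` also aborts the upgrade after the service has already been stopped; if that is not intended, guard it explicitly.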
33 changes: 22 additions & 11 deletions distribution/packages/src/deb/debian/prerm
Expand Up @@ -11,16 +11,27 @@

set -e

echo "Running Wazuh Indexer Pre-Removal Script"

# Stop existing service
if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer.service >/dev/null; then
echo "Stop existing wazuh-indexer.service"
systemctl --no-reload stop wazuh-indexer.service
fi
if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer-performance-analyzer.service >/dev/null; then
echo "Stop existing wazuh-indexer-performance-analyzer.service"
systemctl --no-reload stop wazuh-indexer-performance-analyzer.service
fi
case "$1" in
upgrade|deconfigure)
;;
remove)
echo "Running Wazuh Indexer Pre-Removal Script"
# Stop existing service
if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer.service >/dev/null; then
echo "Stop existing wazuh-indexer.service"
systemctl --no-reload stop wazuh-indexer.service
fi
if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer-performance-analyzer.service >/dev/null; then
echo "Stop existing wazuh-indexer-performance-analyzer.service"
systemctl --no-reload stop wazuh-indexer-performance-analyzer.service
fi
;;
failed-upgrade)
;;
*)
echo "prerm called with unknown argument \`$1'" >&2
exit 0
;;
esac

exit 0
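Review bot: the `*)` branch prints "prerm called with unknown argument" to stderr and then runs `exit 0`, so an unexpected invocation is reported to dpkg as success. Returning `exit 1` there makes the error visible to the caller. The empty `upgrade|deconfigure)` and `failed-upgrade)` branches could also be merged into one, with a comment noting that preinst is what stops the service during upgrades.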
14 changes: 13 additions & 1 deletion distribution/packages/src/rpm/wazuh-indexer.rpm.spec
Expand Up @@ -162,6 +162,7 @@ set -e
if command -v systemctl >/dev/null && systemctl is-active %{name}.service >/dev/null; then
echo "Stop existing %{name}.service"
systemctl --no-reload stop %{name}.service
touch %{tmp_dir}/wazuh-indexer.restart
fi
if command -v systemctl >/dev/null && systemctl is-active %{name}-performance-analyzer.service >/dev/null; then
echo "Stop existing %{name}-performance-analyzer.service"
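Review bot: the added `touch %{tmp_dir}/wazuh-indexer.restart` appears to run under the `set -e` shown in the hunk header, so if `%{tmp_dir}` does not exist at this point the scriptlet fails after the service has already been stopped. Add `mkdir -p %{tmp_dir}` before it, or tolerate the failure explicitly. The marker location also differs from the DEB scripts, which use /tmp/wazuh-indexer.restart; a single package-owned path for both formats would be easier to reason about.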
Expand Down Expand Up @@ -204,6 +205,15 @@ if command -v systemd-tmpfiles > /dev/null; then
systemd-tmpfiles --create %{name}.conf
fi

if [ -f %{tmp_dir}/wazuh-indexer.restart ]; then
rm -f %{tmp_dir}/wazuh-indexer.restart
if command -v systemctl > /dev/null; then
echo "Restarting wazuh-indexer service..."
systemctl restart wazuh-indexer.service > /dev/null 2>&1
exit 0
fi
fi

# Messages
echo "### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd"
echo " sudo systemctl daemon-reload"
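Review bot: the restart block hardcodes `wazuh-indexer.service` in `systemctl restart` and in the echo, while the rest of the spec, including the `systemd-tmpfiles --create %{name}.conf` line just above, uses `%{name}`. Use `%{name}.service` so the block follows the package name. The restart output is also discarded with `> /dev/null 2>&1`; a warning on a non-zero exit status would help diagnose an indexer that stays down after an upgrade.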
Expand Down Expand Up @@ -272,8 +282,10 @@ exit 0
- More info: https://documentation.wazuh.com/current/release-notes/release-4-10-2.html
* Tue Jan 28 2025 support <[email protected]> - 4.10.1
- More info: https://documentation.wazuh.com/current/release-notes/release-4-10-1.html
* Tue Nov 26 2024 support <[email protected]> - 4.10.0
* Thu Nov 28 2024 support <[email protected]> - 4.10.0
- More info: https://documentation.wazuh.com/current/release-notes/release-4-10-0.html
* Mon Nov 04 2024 support <[email protected]> - 4.9.2
- More info: https://documentation.wazuh.com/current/release-notes/release-4-9-2.html
* Tue Oct 15 2024 support <[email protected]> - 4.9.1
- More info: https://documentation.wazuh.com/current/release-notes/release-4-9-1.html
* Thu Aug 15 2024 support <[email protected]> - 4.9.0
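Review bot: the 4.10.0 entry is re-dated to Thu Nov 28 2024 and the 4.10.1 entry above it carries a 2025 date, both later than this PR's merge date of Nov 5, 2024, so these are planned dates. They need revisiting if the releases slip, since the weekday in each `%changelog` line has to match its date.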
2 changes: 1 addition & 1 deletion release-notes/wazuh.release-notes-4.9.1.md
@@ -1,4 +1,4 @@
## 2024-09-27 Version 4.9.1-rc2 Release Notes
## 2024-10-15 Version 4.9.1 Release Notes

## [4.9.1]
### Added