wazuh/wazuh-indexer-plugins
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-indexer-plugins.git synced 2025-12-10 14:32:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Migrate WCS changes from the wazuh-indexer repository (#552)

Browse Source 
* Migrate WCS changes from the wazuh-indexer repository

* Update ECS templates for modified modules: states-fim-files states-fim-registry-keys states-fim-registry-values states-inventory-hardware states-inventory-hotfixes states-inventory-interfaces states-inventory-networks states-inventory-packages states-inventory-ports states-inventory-processes states-inventory-protocols states-inventory-system states-vulnerabilities

* Add Changelog entry

---------

Co-authored-by: Wazuh Indexer Bot <github_devel_xdrsiem_indexer@wazuh.com>
This commit is contained in:
Álex Ruiz Becerra 2025-08-18 12:10:51 +02:00 committed by GitHub
parent 8647c821c9
commit 67ab3ec7b9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
41 changed files with 42 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -25,7 +25,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Adapt setup plugin for 5.x [(#450)](https://github.com/wazuh/wazuh-indexer-plugins/pull/450)
- Third-party integrations maintenance [(#478)](https://github.com/wazuh/wazuh-indexer-plugins/pull/478) [(#540)](https://github.com/wazuh/wazuh-indexer-plugins/pull/540) [(#548)](https://github.com/wazuh/wazuh-indexer-plugins/pull/548)
- Replace and remove deprecated settings [(#476)](https://github.com/wazuh/wazuh-indexer-plugins/pull/476)
- Migrate WCS changes from 4.x [(#488)](https://github.com/wazuh/wazuh-indexer-plugins/pull/488)
- Migrate WCS changes from 4.x [(#488)](https://github.com/wazuh/wazuh-indexer-plugins/pull/488) [(#552)](https://github.com/wazuh/wazuh-indexer-plugins/pull/552)
- Implement checksum fields into stateful ECS mappings [(#519)](https://github.com/wazuh/wazuh-indexer-plugins/pull/519)
- FIM indices rework [(#509)](https://github.com/wazuh/wazuh-indexer-plugins/pull/509)

2
ecs/states-fim-files/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

6
ecs/states-fim-files/fields/template-settings.json
View File

@ -1,7 +1,5 @@
{
"index_patterns": [
"wazuh-states-fim-files*"
],
"index_patterns": ["wazuh-states-fim-files*"],
"priority": 1,
"template": {
"settings": {
@ -9,7 +7,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-fim-registry-keys/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-fim-registry-keys/fields/template-settings.json
View File

@ -7,7 +7,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-fim-registry-values/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-fim-registry-values/fields/template-settings.json
View File

@ -7,7 +7,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-hardware/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-hardware/fields/template-settings.json
View File

@ -9,7 +9,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-hotfixes/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-hotfixes/fields/template-settings.json
View File

@ -9,7 +9,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-interfaces/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.id",
"agent.name",

2
ecs/states-inventory-interfaces/fields/template-settings.json
View File

@ -9,7 +9,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.id",
"agent.name",

2
ecs/states-inventory-networks/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.id",
"agent.name",

2
ecs/states-inventory-networks/fields/template-settings.json
View File

@ -9,7 +9,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.id",
"agent.name",

2
ecs/states-inventory-packages/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-packages/fields/template-settings.json
View File

@ -7,7 +7,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-ports/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-ports/fields/template-settings.json
View File

@ -9,7 +9,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-processes/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-processes/fields/template-settings.json
View File

@ -7,7 +7,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

1
ecs/states-inventory-protocols/event-generator/event_generator.py
View File

@ -33,6 +33,7 @@ def generate_random_data(number):
"agent": generate_random_agent(),
"checksum": generate_random_checksum(),
"network": generate_random_network(),
"interface": generate_random_interface(),
"wazuh": generate_random_wazuh(),
}
data.append(event_data)

2
ecs/states-inventory-protocols/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-protocols/fields/template-settings.json
View File

@ -9,7 +9,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-system/fields/template-settings-legacy.json
View File

@ -6,7 +6,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-inventory-system/fields/template-settings.json
View File

@ -9,7 +9,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-vulnerabilities/fields/template-settings-legacy.json
View File

@ -7,7 +7,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
ecs/states-vulnerabilities/fields/template-settings.json
View File

@ -8,7 +8,7 @@
"number_of_shards": "1",
"number_of_replicas": "0",
"auto_expand_replicas": "0-1",
"refresh_interval": "5s",
"refresh_interval": "2s",
"query.default_field": [
"agent.host.architecture",
"agent.host.ip",

2
plugins/setup/src/main/resources/index-template-fim-files.json
View File

@ -165,7 +165,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-fim-registry-keys.json
View File

@ -141,7 +141,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-fim-registry-values.json
View File

@ -149,7 +149,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-hardware.json
View File

@ -128,7 +128,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-hotfixes.json
View File

@ -101,7 +101,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-interfaces.json
View File

@ -155,7 +155,7 @@
"wazuh.cluster.name",
"wazuh.cluster.node"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-networks.json
View File

@ -119,7 +119,7 @@
"wazuh.cluster.name",
"wazuh.cluster.node"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-packages.json
View File

@ -154,7 +154,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-ports.json
View File

@ -173,7 +173,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-processes.json
View File

@ -138,7 +138,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-protocols.json
View File

@ -114,7 +114,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-system.json
View File

@ -183,7 +183,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}

2
plugins/setup/src/main/resources/index-template-vulnerabilities.json
View File

@ -277,7 +277,7 @@
"wazuh.cluster.node",
"wazuh.schema.version"
],
"refresh_interval": "5s"
"refresh_interval": "2s"
}
}
}