wazuh-ruby-client 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: bad57d1cdd24740b64102eec072ad28e55c7c84fd65eceac21392c5639290b6b
+  data.tar.gz: 57372d8a3539e4325ed0fa575e3d37226dfef3183e696ecbe60767f0db8a6ae6
+SHA512:
+  metadata.gz: 959166d9994319d4ea7c48d00e41c1b4f7c3a3cafefb3a8e7469d4ebf22edb0686faa2f588095eb1ca1068257ca7be4c23553e9405a067ca27e4e2dc0c0f0d95
+  data.tar.gz: 51fef2a90b29bcea95d6cb3e2dd75615a3b0ec0a432b1db13e2c401c1df644cebc8f674d78069aedfacc868bcba614ae4572e69ab73d96e95561712a64184f78

data/.gitignore

@@ -0,0 +1,20 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/pkg/
+/spec/reports/
+/tmp/
+/bin/console
+/bin/setup
+
+Gemfile.lock
+
+# rspec failure tracking
+.rspec_status
+*.crt
+*.key
+*.ca
+.env
+.bundle
+.DS_Store

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.travis.yml

@@ -0,0 +1,7 @@
+---
+sudo: false
+language: ruby
+cache: bundler
+rvm:
+  - 2.5.1
+before_install: gem install bundler -v 1.17.3

data/Gemfile

@@ -0,0 +1,5 @@
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 mrtc0
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,74 @@
+# Wazuh Ruby Client
+
+A Ruby client for the wazuh APIs.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'wazuh-ruby-client'
+```
+
+## Usage
+
+```ruby
+Wazuh.configure do |config|
+  config.endpoint = "https://wazuh.local:55000"
+  config.basic_user = "foo"
+  config.basic_password = "bar"
+  config.verify_ssl = false
+end
+
+client = Wazuh::Client.new
+client.all_agents
+# => {"error"=>0, "data"=>{"items"=>[{"os"=>{"arch"=>"x86_64", "codename"=>"Xenial Xerus", "major"=>"16", "minor"=>"04", "name"=>"Ubuntu", "platform"=>"ubuntu", "uname"=>"Linux |wazuh-manager-master-0 |4.14.138+ |#1 SMP Tue Sep 3 02:58:08 PDT 2019 |x86_64", "version"=>"16.04.6 LTS"}, "status"=>"Active", "name"=>"wazuh-manager-master-0", "registerIP"=>"127.0.0.1", "manager"=>"wazuh-manager-master-0", "dateAdd"=>"2020-01-07 16:13:05", "ip"=>"127.0.0.1", "node_name"=>"wazuh-manager-master", "version"=>"Wazuh v3.11.1", "lastKeepAlive"=>"9999-12-31 23:59:59", "id"=>"000"}], "totalItems"=>1}}
+```
+
+### Authorization
+
+Set `basic_user` and `basic_password` for basic authentication.  
+If you using self-signed certificate, `verify_ssl` must be set to `false` .
+
+```ruby
+Wazuh.configure do |config|
+  config.endpoint = "https://wazuh.local:55000"
+  config.basic_user = "foo"
+  config.basic_password = "bar"
+  config.verify_ssl = false
+end
+```
+
+If you are using client certificate authentication, set `client_key` and `client_cert` .
+
+```ruby
+require 'openssl'
+
+Wazuh.configure do |config|
+  config.endpoint = "https://wazuh.local:55000"
+  config.client_key = OpenSSL::PKey::RSA.new(File.read("./wazuh.key"))
+  config.client_cert = OpenSSL::X509::Certificate.new(File.read("./wazuh.crt"))
+end
+```
+
+## Support API
+
+- [x] Active Response
+- [x] Agents
+- [x] Cache
+- [x] Ciscat
+- [x] Cluster
+- [x] Decoders
+- [x] Experimental
+- [x] Lists
+- [x] Manager
+- [x] Rootcheck
+- [x] Rules
+- [x] Security Configuration Assessment
+- [x] Summary
+- [x] Syscheck
+- [x] Syscollector
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/mrtc0/wazuh-ruby-client.

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/docs/Wazuh/Api/Endpoints/ActiveResponse.html

@@ -0,0 +1,278 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Module: Wazuh::Api::Endpoints::ActiveResponse
+  
+    &mdash; Documentation by YARD 0.9.16
+  
+</title>
+
+  <link rel="stylesheet" href="../../../css/style.css" type="text/css" charset="utf-8" />
+
+  <link rel="stylesheet" href="../../../css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  pathId = "Wazuh::Api::Endpoints::ActiveResponse";
+  relpath = '../../../';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="../../../class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="../../../_index.html">Index (A)</a> &raquo;
+    <span class='title'><span class='object_link'><a href="../../../Wazuh.html" title="Wazuh (module)">Wazuh</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Api.html" title="Wazuh::Api (module)">Api</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Endpoints.html" title="Wazuh::Api::Endpoints (module)">Endpoints</a></span></span>
+     &raquo; 
+    <span class="title">ActiveResponse</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="class_list_link"
+        href="../../../class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Module: Wazuh::Api::Endpoints::ActiveResponse
+  
+  
+  
+</h1>
+<div class="box_info">
+  
+
+  
+  
+  
+  
+  
+
+  
+  <dl>
+    <dt>Included in:</dt>
+    <dd><span class='object_link'><a href="../Endpoints.html" title="Wazuh::Api::Endpoints (module)">Wazuh::Api::Endpoints</a></span></dd>
+  </dl>
+  
+
+  
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>lib/wazuh/api/endpoints/active_response.rb</dd>
+  </dl>
+  
+</div>
+
+
+
+
+
+
+
+
+  
+    <h2>
+      Instance Method Summary
+      <small><a href="#" class="summary_toggle">collapse</a></small>
+    </h2>
+
+    <ul class="summary">
+      
+        <li class="public ">
+  <span class="summary_signature">
+    
+      <a href="#run_active_response_command-instance_method" title="#run_active_response_command (instance method)">#<strong>run_active_response_command</strong>(agent_id, options = {})  &#x21d2; Object </a>
+    
+
+    
+  </span>
+  
+  
+  
+  
+  
+  
+  
+
+  
+    <span class="summary_desc"><div class='inline'>
+<p>Run an AR command in the agent Runs an Active Response command on a
+specified agent.</p>
+</div></span>
+  
+</li>
+
+      
+    </ul>
+  
+
+
+
+  <div id="instance_method_details" class="method_details_list">
+    <h2>Instance Method Details</h2>
+
+    
+      <div class="method_details first">
+  <h3 class="signature first" id="run_active_response_command-instance_method">
+  
+    #<strong>run_active_response_command</strong>(agent_id, options = {})  &#x21d2; <tt>Object</tt> 
+  
+
+  
+
+  
+</h3><div class="docstring">
+  <div class="discussion">
+    
+<p>Run an AR command in the agent Runs an Active Response command on a
+specified agent.</p>
+
+
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+  
+    <li>
+      
+        <span class='name'>agent_id</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>options</span>
+      
+      
+        <span class='type'>(<tt>Hash</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>{}</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>a customizable set of options</p>
+</div>
+      
+    </li>
+  
+</ul>
+
+  
+    
+    
+    
+    
+    <p class="tag_title">Options Hash (<tt>options</tt>):</p>
+    <ul class="option">
+      
+        <li>
+          <span class="name">:command</span>
+          <span class="type">(<tt>command</tt>)</span>
+          <span class="default">
+            
+          </span>
+          
+            &mdash; <div class='inline'>
+<p>Command running in the agent. If this value starts by !, then it refers to
+a script name instead of a command name.</p>
+</div>
+          
+        </li>
+      
+        <li>
+          <span class="name">:custom</span>
+          <span class="type">(<tt>custom</tt>)</span>
+          <span class="default">
+            
+          </span>
+          
+            &mdash; <div class='inline'>
+<p>Whether the specified command is a custom command or not.</p>
+</div>
+          
+        </li>
+      
+        <li>
+          <span class="name">:arguments</span>
+          <span class="type">(<tt>arguments</tt>)</span>
+          <span class="default">
+            
+          </span>
+          
+            &mdash; <div class='inline'>
+<p>Array with command arguments.</p>
+</div>
+          
+        </li>
+      
+    </ul>
+  
+
+
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+
+
+16
+17
+18</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/wazuh/api/endpoints/active_response.rb', line 16</span>
+
+<span class='kw'>def</span> <span class='id identifier rubyid_run_active_response_command'>run_active_response_command</span><span class='lparen'>(</span><span class='id identifier rubyid_agent_id'>agent_id</span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_put'>put</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/active-response/</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_agent_id'>agent_id</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_options'>options</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+    
+  </div>
+
+</div>
+
+      <div id="footer">
+  Generated on Sat Jan 25 00:19:41 2020 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.16 (ruby-2.5.1).
+</div>
+
+    </div>
+  </body>
+</html>