wazuh-ruby-client 0.1.0

data/docs/top-level-namespace.html

@@ -0,0 +1,110 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Top Level Namespace
+  
+    &mdash; Documentation by YARD 0.9.16
+  
+</title>
+
+  <link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
+
+  <link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  pathId = "";
+  relpath = '';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="_index.html">Index</a> &raquo;
+    
+    
+    <span class="title">Top Level Namespace</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="class_list_link"
+        href="class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Top Level Namespace
+  
+  
+  
+</h1>
+<div class="box_info">
+  
+
+  
+  
+  
+  
+  
+
+  
+
+  
+</div>
+
+<h2>Defined Under Namespace</h2>
+<p class="children">
+  
+    
+      <strong class="modules">Modules:</strong> <span class='object_link'><a href="Wazuh.html" title="Wazuh (module)">Wazuh</a></span>, <span class='object_link'><a href="WazuhRubyClient.html" title="WazuhRubyClient (module)">WazuhRubyClient</a></span>
+    
+  
+    
+  
+</p>
+
+
+
+
+
+
+
+
+
+</div>
+
+      <div id="footer">
+  Generated on Sat Jan 25 00:19:39 2020 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.16 (ruby-2.5.1).
+</div>
+
+    </div>
+  </body>
+</html>

data/lib/tasks/api.rake

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+# largely from https://github.com/aki017/slack-ruby-gem
+require 'json-schema'
+require 'erubis'
+require 'active_support'
+require 'active_support/core_ext'
+
+namespace :wazuh do
+  namespace :api do
+    desc 'Update API.'
+    task update: [:git_update] do
+      group_schema = JSON.parse(File.read('lib/slack/web/api/schema/group.json'))
+      dirglob = 'lib/slack/web/api/slack-api-ref/groups/**/*.json'
+      groups = Dir.glob(dirglob).each_with_object({}) do |path, result|
+        name = File.basename(path, '.json')
+        parsed = JSON.parse(File.read(path))
+        parsed['undocumented'] = true if path =~ /undocumented/
+        JSON::Validator.validate(group_schema, parsed, insert_defaults: true)
+        result[name] = parsed
+      end
+
+      method_schema = JSON.parse(File.read('lib/slack/web/api/schema/method.json'))
+      data = [
+        Dir.glob('lib/slack/web/api/slack-api-ref/methods/**/*.json'),
+        Dir.glob('lib/slack/web/api/mixins/**/*.json')
+      ].flatten.each_with_object({}) do |path, result|
+        file_name = File.basename(path, '.json')
+        prefix = file_name.split('.')[0..-2].join('.')
+        name = file_name.split('.')[-1]
+        result[prefix] ||= {}
+        parsed = JSON.parse(File.read(path))
+        parsed['undocumented'] = true if path =~ /undocumented/
+        JSON::Validator.validate(method_schema, parsed, insert_defaults: true)
+        result[prefix][name] = parsed
+      end
+
+      method_template = Erubis::Eruby.new(File.read('lib/slack/web/api/templates/method.erb'))
+      method_spec_template =
+        Erubis::Eruby.new(File.read('lib/slack/web/api/templates/method_spec.erb'))
+      command_template = Erubis::Eruby.new(File.read('lib/slack/web/api/templates/command.erb'))
+      data.each_with_index do |(group, names), index|
+        printf "%2d/%2d %10s %s\n", index, data.size, group, names.keys
+        # method
+        snaked_group = group.tr('.', '_')
+        rendered_method = method_template.result(group: group, names: names)
+        File.write "lib/slack/web/api/endpoints/#{snaked_group}.rb", rendered_method
+        custom_spec_exists =
+          File.exist?("spec/slack/web/api/endpoints/custom_specs/#{group}_spec.rb")
+        unless custom_spec_exists
+          rendered_method_spec = method_spec_template.result(group: group, names: names)
+          File.write "spec/slack/web/api/endpoints/#{snaked_group}_spec.rb", rendered_method_spec
+        end
+        Dir.glob("lib/slack/web/api/patches/#{group}*.patch").sort.each do |patch|
+          puts "- patching #{patch}"
+          system("git apply #{patch}") || raise('failed to apply patch')
+        end
+        # command
+        raise "Missing group #{group}" unless groups.key?(group)
+
+        rendered_command = command_template.result(group: groups[group], names: names)
+        File.write "bin/commands/#{snaked_group}.rb", rendered_command
+      end
+
+      endpoints_template =
+      Erubis::Eruby.new(File.read('lib/slack/web/api/templates/endpoints.erb'))
+      File.write(
+        'lib/slack/web/api/endpoints.rb',
+        endpoints_template.result(files: data.keys.map { |key| key.tr('.', '_') })
+      )
+
+      commands_template = Erubis::Eruby.new(File.read('lib/slack/web/api/templates/commands.erb'))
+      File.write(
+        'bin/commands.rb',
+        commands_template.result(files: data.keys.map { |key| key.tr('.', '_') })
+      )
+    end
+  end
+end

data/lib/wazuh/api/endpoints/active_response.rb

@@ -0,0 +1,22 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module ActiveResponse
+        #
+        # Run an AR command in the agent
+        # Runs an Active Response command on a specified agent.
+        #
+        # @param [String] agent_id
+        # @option options [command] :command
+        #   Command running in the agent. If this value starts by !, then it refers to a script name instead of a command name.
+        # @option options [custom] :custom
+        #   Whether the specified command is a custom command or not.
+        # @option options [arguments] :arguments
+        #   Array with command arguments.
+        def run_active_response_command(agent_id, options = {})
+          put "/active-response/#{agent_id}", options
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/agents.rb

@@ -0,0 +1,175 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module Agents
+        #
+        # Returns a list with the available agents.
+        # 
+        # @option options [offset] :offset
+        #   First element to return in the collection.
+        # @option options [limit] :limit
+        #   Maximum number of elements to return.
+        # @option options [select] :select
+        #   Select which fields to return (separated by comma).
+        # @option options [sort] :sort
+        #   Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+        # @option options [search] :search
+        #   Looks for elements with the specified string.
+        # @option options [status] :status
+        #   Filters by agent status. Use commas to enter multiple statuses.
+        #   Allowed values: active, pending, neverconnected, disconnected
+        # @option options [q] :q
+        #   Query to filter results by. For example q=”status=Active”
+        # @option options [order_than] :order_than
+        #   Filters out disconnected agents for longer than specified. Time in seconds, ‘[n_days]d’, ‘[n_hours]h’, ‘[n_minutes]m’ or ‘[n_seconds]s’. For never connected agents, uses the register date.
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-all-agents
+        def all_agents(options = {})
+          get '/agents', options
+        end
+
+        # Returns various information from an agent.
+        #
+        # @param [String] agent_id
+        #   ID to agent
+        # @option options [select] :select
+        #   List of selected fields separated by commas.
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-an-agent
+        def agent(agent_id, options = {})
+          get "/agents/#{agent_id}", options
+        end
+
+        # Returns various information from an agent called :agent_name.
+        #
+        # @param [String] agent_name
+        #   Name to agent
+        # @option options [select] :select
+        #   List of selected fields separated by commas.
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-an-agent-by-its-name
+        def agent_by_name(agent_name, options = {})
+          get "/agents/name/#{agent_name}", options
+        end
+
+        # Returns the key of an agent.
+        #
+        # @param [String] agent_id
+        #   ID to agent
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-agent-key
+        def agent_key(agent_id, options = {})
+          get "/agents/#{agent_id}/key"
+        end
+
+        # Restarts a list of agents.
+        #
+        # @option options [ids] :ids
+        #   Array of agent ID’s.
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#restart-a-list-of-agents
+        def restart_agents(options = {})
+          post '/agents/restart', options
+        end
+
+        # Restarts all agents.
+        #
+        def restart_all_agents()
+          put '/agents/restart'
+        end
+
+        # Restart an agent.
+        #
+        # @param [String] agent_id
+        #   Agent unique ID.
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#restart-an-agent
+        def restart_an_agents(agent_id, options = {})
+          put "/agents/#{agent_id}/restart"
+        end
+
+        # Returns all the different combinations that agents have for the selected fields. It also indicates the total number of agents that have each combination.
+        #
+        # @option options [offset] :offset
+        #   First element to return in the collection.
+        # @option options [limit] :limit
+        #   Maximum number of elements to return.
+        # @option options [sort] :sort
+        #   Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+        # @option options [search] :search
+        #   Looks for elements with the specified string.
+        # @option options [fileds] :fileds
+        #   List of fields affecting the operation.
+        # @option options [select] :select
+        #   List of selected fields separated by commas.
+        # @option options [q] :q
+        #   Query to filter result. For example q=”status=Active”
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-distinct-fields-in-agents
+        def distinct_fields_in_agents(options = {})
+          get '/agents/stats/distinct', options
+        end
+
+        # Returns the list of outdated agents.
+        #
+        # @option options [offset] :offset
+        #   First element to return in the collection.
+        # @option options [limit] :limit
+        #   Maximum number of elements to return.
+        # @option options [sort] :sort
+        #   Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+        # @option options [q] :q
+        #   Query to filter result. For example q=”status=Active”
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-outdated-agents
+        def outdated_agents(options = {})
+          get '/agents/outdated', options
+        end
+
+        # Returns the upgrade result from an agent.
+        #
+        # @param [String] agent_id
+        #   ID to agent
+        # @option options [timeout] :timeout
+        #   Seconds to wait for the agent to respond.
+        def upgrade_result_from_agent(agent_id, options = {})
+          get "/agents/#{agent_id}/upgrade_result", options
+        end
+
+        # Add a new agent
+        #
+        # @option options [name] :name
+        #   Name to agent
+        # @option options [ip] :ip
+        #   IP to agent
+        #   If this is not included, the API will get the IP automatically.
+        #   If you are behind a proxy, you must set the option config.BehindProxyServer to yes at config.js.
+        #   Allowed values: IP, IP/NET, ANY
+        # @option options [force] :force
+        #   Remove the old agent with the same IP if disconnected since <force> seconds.
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#add-agent
+        def add_agent(options = {})
+          post '/agents', options
+        end
+
+        # Adds a new agent with name :agent_name. This agent will use ANY as IP.
+        #
+        # @option options [name] :name
+        #   Name to agent
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#add-agent-quick-method
+        def add_agent_quick(options = {})
+          put '/agents', options
+        end
+
+        # Insert an agent with an existing id and key.
+        #
+        # @option options [name] :name
+        #   Name to agent
+        # @option options [ip] :ip
+        #   If this is not included, the API will get the IP automatically. If you are behind a proxy, you must set the option config.BehindProxyServer to yes at config.js.
+        #   Allowed values: IP, IP/NET, ANY
+        # @option options [id] :id
+        #   ID to agent
+        # @option options [key] :key
+        #   Agent key. Minimum length: 64 characters. Allowed values: ^[a-zA-Z0-9]+$
+        # @option options [force] :force
+        #   Remove the old agent the with same IP if disconnected since <force> seconds.
+        def insert_agent(options = {})
+          post '/agents/insert', options
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/cache.rb

@@ -0,0 +1,38 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module Cache
+        #
+        # Clears cache of the specified group.
+        #
+        # @params [String] group
+        #   cache group
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#clear-group-cache
+        def clear_group_cache(group)
+          delete "/cache/#{group}"
+        end
+
+        # Clears entire cache.
+        #
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#delete-cache-index
+        def clear_cache
+          delete '/cache'
+        end
+
+        # Returns current cache index.
+        #
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-cache-index
+        def cache_index
+          get "/cache"
+        end
+
+        # Returns cache configuration
+        #
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#return-cache-configuration
+        def cache_config
+          get "/cache/config"
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/ciscat.rb

@@ -0,0 +1,43 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module Ciscat
+        #
+        # Returns the agent’s ciscat results info
+        #
+        # @param [String] agent_id
+        #   ID to agent
+        # @option options [offset] :offset
+        #   First element to return in the collection.
+        # @option options [limit] :limit
+        #   Maximum number of elements to return.
+        # @option options [sort] :sort
+        #   Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+        # @option options [search] :search
+        #   Looks for elements with the specified string.
+        # @option options [select] :select
+        #   List of selected fields separated by commas.
+        # @option options [benchmark] :benchmark
+        #   Filters by benchmark.
+        # @option options [profile] :profile
+        #   Filters by evaluated profile.
+        # @option options [pass] :pass
+        #   Filters by passed checks.
+        # @option options [fail] :fail
+        #   Filters by failed checks.
+        # @option options [error] :error
+        #   Filters by encountered errors.
+        # @option options [notchecked] :notchecked
+        #   Filters by not checked.
+        # @option options [unknown] :unknown
+        #   Filters by unknown results.
+        # @option options [score] :score
+        #   Filters by final score.
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-cis-cat-results-from-an-agent
+        def ciscat_result(agent_id, options = {})
+          get "/ciscat/#{agent_id}/results", options
+        end
+      end
+    end
+  end
+end

data/lib/wazuh/api/endpoints/cluster.rb

@@ -0,0 +1,199 @@
+module Wazuh
+  module Api
+    module Endpoints
+      module Cluster
+        #
+        # Returns the requested configuration in JSON format.
+        #
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-active-configuration-in-node-node-id
+        def component_configuration_by_node(node_id, component, configuration, options = {})
+          get "/cluster/#{node_id}/config/#{component}/#{configuration}", options
+        end
+
+        # Returns ossec.conf in JSON format.
+        #
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-node-node-id-s-configuration
+        def configuration_by_node(node_id, options = {})
+          get "/cluster/#{node_id}/configuration", options
+        end
+
+        # Returns the cluster configuration.
+        #
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-the-cluster-configuration
+        def cluster_configuration(options = {})
+          get "/cluster/config", options
+        end
+
+        # Check Wazuh configuration in a cluster node
+        #
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#check-wazuh-configuration-in-a-cluster-node
+        def check_configuration_by_node(node_id)
+          get "/cluster/#{node_id}/configuration/validation"
+        end
+
+        # Check Wazuh configuration in all cluster nodes
+        #
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#check-wazuh-configuration-in-all-cluster-nodes
+        def check_configuration
+          get "/cluster/configuration/validation"
+        end
+
+        # Delete a remote file in a cluster node
+        #
+        # @param node_id
+        # @option options [path] :path
+        #   Relative path of file. This parameter is mandatory.
+        # @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#delete-a-remote-file-in-a-cluster-node
+        def delete_remote_file(node_id, options)
+          delete "/cluster/#{node_id}/files", options
+        end
+
+        # Get local file from any cluster node
+        #
+        # @param node_id
+        # @option options [path] :path
+        #   Relative path of file. This parameter is mandatory.
+        # @option options [validation] :validation
+        #   Validates the content of the file. An error will be returned if file content is not strictly correct. False by default.
+        def get_remote_file(node_id, options)
+          get "/cluster/#{node_id}/files", options
+        end
+
+        # Update local file at any cluster node
+        #
+        # @param node_id
+        # @option options [file] :file
+        #   Input file.
+        # @option options [path] :path
+        #   Relative path were input file will be placed. This parameter is mandatory.
+        # @option options [overwrite] :overwrite
+        #   Replaces the existing file. False by default.
+        def update_remote_file(node_id, options)
+          post "/cluster/#{node_id}/files", options
+        end
+
+        # Get info about cluster status
+        #
+        def cluster_status
+          get '/cluster/status'
+        end
+
+        # Get node node_id’s status
+        #
+        # @param node_id
+        def node_status(node_id)
+          get "/cluster/#{node_id}/status"
+        end
+
+        # Get node_id’s information
+        #
+        # @param node_id
+        def node_info(node_id)
+          get "/cluster/#{node_id}/info"
+        end
+
+        # Show cluster health
+        #
+        # @option options [node] :node
+        def cluster_healthcheck(options = {})
+          get '/cluster/healthcheck', options
+        end
+
+        # Get ossec.log from a specific node in cluster
+        #
+        # @param node_id
+        # @option options [offset] :offset
+        #   First element to return in the collection.
+        # @option options [limit] :limit
+        #   Maximum number of elements to return.
+        # @option options [sort] :sort
+        #   Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+        # @option options [search] :search
+        #   Looks for elements with the specified string.
+        # @option options [type_log] :type_log
+        #   Filters by type of log.
+        #   Allowed values: all, error, warning, info
+        # @option options [category] :category
+        #   Filters by category of log
+        def cluster_logs_by_node(node_id, options)
+          get "/cluster/#{node_id}/logs", options
+        end
+
+        # Get summary of ossec.log from a specific node in cluster
+        #
+        # @param node_id
+        def cluster_logs_summary_by_node(node_id)
+          get "/cluster/#{node_id}/logs/summary"
+        end
+
+        # Get local node info
+        #
+        def local_node
+          get '/cluster/node'
+        end
+
+        # Get node info
+        #
+        def node(node_name)
+          get "/cluster/nodes/#{node_name}"
+        end
+
+        # Get nodes info
+        #
+        def nodes(options = {})
+          get '/cluster/nodes', options
+        end
+
+        # Restart a specific node in cluster
+        #
+        # @param node_id
+        def restart_node(node_id)
+          put "/cluster/#{node_id}/restart"
+        end
+
+        # Restart all nodes in cluster
+        #
+        def restart_all_node
+          put '/cluster/restart'
+        end
+
+        # Get node node_id’s analysisd stats
+        #
+        # @param node_id
+        def analysisd_stats(node_id)
+          get "/cluster/#{node_id}/stats/analysisd"
+        end
+
+        # Get node node_id’s remoted stats
+        #
+        # @param node_id
+        def remoted_stats(node_id)
+          get "/cluster/#{node_id}/stats/remoted"
+        end
+
+        # Get node node_id’s stats
+        #
+        # @param node_id
+        # @option options [data] :data
+        #   Selects the date for getting the statistical information. Format: YYYYMMDD
+        def nodes_stats(node_id, options)
+          get "/cluster/#{node_id}/stats", options
+        end
+
+        # Get node node_id’s stats by hour
+        #
+        # @param node_id
+        def nodes_stats_by_hourly(node_id)
+          get "/cluster/#{node_id}/stats/hourly"
+        end
+
+        # Get node node_id’s stats by weekly
+        #
+        # @param node_id
+        def nodes_stats_by_weekly(node_id)
+          get "/cluster/#{node_id}/stats/weekly"
+        end
+      end
+    end
+  end
+end