wazuh-ruby-client 0.1.0
- checksums.yaml +7 -0
- data/.gitignore +20 -0
- data/.rspec +3 -0
- data/.travis.yml +7 -0
- data/CHANGELOG.md +0 -0
- data/Gemfile +5 -0
- data/LICENSE +21 -0
- data/README.md +74 -0
- data/Rakefile +6 -0
- data/docs/.nojekyll +0 -0
- data/docs/Wazuh/Api/Endpoints/ActiveResponse.html +278 -0
- data/docs/Wazuh/Api/Endpoints/Agents.html +1877 -0
- data/docs/Wazuh/Api/Endpoints/Cache.html +415 -0
- data/docs/Wazuh/Api/Endpoints/Ciscat.html +418 -0
- data/docs/Wazuh/Api/Endpoints/Cluster.html +2270 -0
- data/docs/Wazuh/Api/Endpoints/Decoders.html +860 -0
- data/docs/Wazuh/Api/Endpoints/Experimental.html +2610 -0
- data/docs/Wazuh/Api/Endpoints/Lists.html +452 -0
- data/docs/Wazuh/Api/Endpoints/Manager.html +1596 -0
- data/docs/Wazuh/Api/Endpoints/Rootcheck.html +1025 -0
- data/docs/Wazuh/Api/Endpoints/Rules.html +872 -0
- data/docs/Wazuh/Api/Endpoints/SecurityConfigurationAssessment.html +680 -0
- data/docs/Wazuh/Api/Endpoints/Summary.html +199 -0
- data/docs/Wazuh/Api/Endpoints/Syscheck.html +755 -0
- data/docs/Wazuh/Api/Endpoints/Syscollector.html +2069 -0
- data/docs/Wazuh/Api/Endpoints.html +292 -0
- data/docs/Wazuh/Api/Errors/TooManyRequestsError.html +398 -0
- data/docs/Wazuh/Api/Errors/WazuhError.html +290 -0
- data/docs/Wazuh/Api/Errors.html +117 -0
- data/docs/Wazuh/Api.html +133 -0
- data/docs/Wazuh/Client.html +521 -0
- data/docs/Wazuh/Config.html +223 -0
- data/docs/Wazuh/Faraday/Connection.html +110 -0
- data/docs/Wazuh/Faraday/Request.html +335 -0
- data/docs/Wazuh/Faraday/Response/RaiseError.html +191 -0
- data/docs/Wazuh/Faraday/Response.html +115 -0
- data/docs/Wazuh/Faraday.html +117 -0
- data/docs/Wazuh/Logger.html +201 -0
- data/docs/Wazuh.html +256 -0
- data/docs/WazuhRubyClient.html +121 -0
- data/docs/_index.html +391 -0
- data/docs/class_list.html +51 -0
- data/docs/css/common.css +1 -0
- data/docs/css/full_list.css +58 -0
- data/docs/css/style.css +496 -0
- data/docs/file.README.html +142 -0
- data/docs/file_list.html +56 -0
- data/docs/frames.html +17 -0
- data/docs/index.html +142 -0
- data/docs/js/app.js +292 -0
- data/docs/js/full_list.js +216 -0
- data/docs/js/jquery.js +4 -0
- data/docs/method_list.html +1059 -0
- data/docs/top-level-namespace.html +110 -0
- data/lib/tasks/api.rake +78 -0
- data/lib/wazuh/api/endpoints/active_response.rb +22 -0
- data/lib/wazuh/api/endpoints/agents.rb +175 -0
- data/lib/wazuh/api/endpoints/cache.rb +38 -0
- data/lib/wazuh/api/endpoints/ciscat.rb +43 -0
- data/lib/wazuh/api/endpoints/cluster.rb +199 -0
- data/lib/wazuh/api/endpoints/decoders.rb +91 -0
- data/lib/wazuh/api/endpoints/experimental.rb +309 -0
- data/lib/wazuh/api/endpoints/lists.rb +42 -0
- data/lib/wazuh/api/endpoints/manager.rb +156 -0
- data/lib/wazuh/api/endpoints/rootcheck.rb +93 -0
- data/lib/wazuh/api/endpoints/rules.rb +80 -0
- data/lib/wazuh/api/endpoints/security_configuration_assessment.rb +73 -0
- data/lib/wazuh/api/endpoints/summary.rb +15 -0
- data/lib/wazuh/api/endpoints/syscheck.rb +75 -0
- data/lib/wazuh/api/endpoints/syscollector.rb +227 -0
- data/lib/wazuh/api/endpoints.rb +37 -0
- data/lib/wazuh/api/error.rb +6 -0
- data/lib/wazuh/api/errors/too_many_requests_error.rb +22 -0
- data/lib/wazuh/api/errors/wazuh_error.rb +14 -0
- data/lib/wazuh/client.rb +27 -0
- data/lib/wazuh/config.rb +42 -0
- data/lib/wazuh/faraday/connection.rb +38 -0
- data/lib/wazuh/faraday/request.rb +38 -0
- data/lib/wazuh/faraday/response/raise_error.rb +11 -0
- data/lib/wazuh/logger.rb +13 -0
- data/lib/wazuh/version.rb +4 -0
- data/lib/wazuh-ruby-client/version.rb +3 -0
- data/lib/wazuh-ruby-client.rb +17 -0
- data/lib/wazuh_ruby_client.rb +2 -0
- data/wazuh-ruby-client.gemspec +43 -0
- metadata +200 -0
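--- a/data/docs/top-level-namespace.html
+++ b/data/docs/top-level-namespace.html
@@ -0,0 +1,110 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+Top Level Namespace
+
+— Documentation by YARD 0.9.16
+
+</title>
+
+<link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
+
+<link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+pathId = "";
+relpath = '';
+</script>
+
+
+<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+
+<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
+
+
+</head>
+<body>
+<div class="nav_wrap">
+<iframe id="nav" src="class_list.html?1"></iframe>
+<div id="resizer"></div>
+</div>
+
+<div id="main" tabindex="-1">
+<div id="header">
+<div id="menu">
+
+<a href="_index.html">Index</a> »
+
+
+<span class="title">Top Level Namespace</span>
+
+</div>
+
+<div id="search">
+
+<a class="full_list_link" id="class_list_link"
+href="class_list.html">
+
+<svg width="24" height="24">
+<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+</svg>
+</a>
+
+</div>
+<div class="clear"></div>
+</div>
+
+<div id="content"><h1>Top Level Namespace
+
+
+
+</h1>
+<div class="box_info">
+
+
+
+
+
+
+
+
+
+
+
+</div>
+
+<h2>Defined Under Namespace</h2>
+<p class="children">
+
+
+<strong class="modules">Modules:</strong> <span class='object_link'><a href="Wazuh.html" title="Wazuh (module)">Wazuh</a></span>, <span class='object_link'><a href="WazuhRubyClient.html" title="WazuhRubyClient (module)">WazuhRubyClient</a></span>
+
+
+
+
+</p>
+
+
+
+
+
+
+
+
+
+</div>
+
+<div id="footer">
+Generated on Sat Jan 25 00:19:39 2020 by
+<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+0.9.16 (ruby-2.5.1).
+</div>
+
+</div>
+</body>
+</html>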
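--- a/data/lib/tasks/api.rake
+++ b/data/lib/tasks/api.rake
@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+# largely from https://github.com/aki017/slack-ruby-gem
+require 'json-schema'
+require 'erubis'
+require 'active_support'
+require 'active_support/core_ext'
+
+namespace :wazuh do
+namespace :api do
+desc 'Update API.'
+task update: [:git_update] do
+group_schema = JSON.parse(File.read('lib/slack/web/api/schema/group.json'))
+dirglob = 'lib/slack/web/api/slack-api-ref/groups/**/*.json'
+groups = Dir.glob(dirglob).each_with_object({}) do |path, result|
+name = File.basename(path, '.json')
+parsed = JSON.parse(File.read(path))
+parsed['undocumented'] = true if path =~ /undocumented/
+JSON::Validator.validate(group_schema, parsed, insert_defaults: true)
+result[name] = parsed
+end
+
+method_schema = JSON.parse(File.read('lib/slack/web/api/schema/method.json'))
+data = [
+Dir.glob('lib/slack/web/api/slack-api-ref/methods/**/*.json'),
+Dir.glob('lib/slack/web/api/mixins/**/*.json')
+].flatten.each_with_object({}) do |path, result|
+file_name = File.basename(path, '.json')
+prefix = file_name.split('.')[0..-2].join('.')
+name = file_name.split('.')[-1]
+result[prefix] ||= {}
+parsed = JSON.parse(File.read(path))
+parsed['undocumented'] = true if path =~ /undocumented/
+JSON::Validator.validate(method_schema, parsed, insert_defaults: true)
+result[prefix][name] = parsed
+end
+
+method_template = Erubis::Eruby.new(File.read('lib/slack/web/api/templates/method.erb'))
+method_spec_template =
+Erubis::Eruby.new(File.read('lib/slack/web/api/templates/method_spec.erb'))
+command_template = Erubis::Eruby.new(File.read('lib/slack/web/api/templates/command.erb'))
+data.each_with_index do |(group, names), index|
+printf "%2d/%2d %10s %s\n", index, data.size, group, names.keys
+# method
+snaked_group = group.tr('.', '_')
+rendered_method = method_template.result(group: group, names: names)
+File.write "lib/slack/web/api/endpoints/#{snaked_group}.rb", rendered_method
+custom_spec_exists =
+File.exist?("spec/slack/web/api/endpoints/custom_specs/#{group}_spec.rb")
+unless custom_spec_exists
+rendered_method_spec = method_spec_template.result(group: group, names: names)
+File.write "spec/slack/web/api/endpoints/#{snaked_group}_spec.rb", rendered_method_spec
+end
+Dir.glob("lib/slack/web/api/patches/#{group}*.patch").sort.each do |patch|
+puts "- patching #{patch}"
+system("git apply #{patch}") || raise('failed to apply patch')
+end
+# command
+raise "Missing group #{group}" unless groups.key?(group)
+
+rendered_command = command_template.result(group: groups[group], names: names)
+File.write "bin/commands/#{snaked_group}.rb", rendered_command
+end
+
+endpoints_template =
+Erubis::Eruby.new(File.read('lib/slack/web/api/templates/endpoints.erb'))
+File.write(
+'lib/slack/web/api/endpoints.rb',
+endpoints_template.result(files: data.keys.map { |key| key.tr('.', '_') })
+)
+
+commands_template = Erubis::Eruby.new(File.read('lib/slack/web/api/templates/commands.erb'))
+File.write(
+'bin/commands.rb',
+commands_template.result(files: data.keys.map { |key| key.tr('.', '_') })
+)
+end
+end
+end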
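Review bot: The `system("git apply #{patch}")` call inside the `data.each_with_index` loop builds a shell command by interpolation, so a patch file name containing spaces or shell metacharacters is interpreted by the shell instead of being handed to git as one argument; the argument-vector form avoids that: `system('git', 'apply', patch) || raise("failed to apply patch #{patch}")`. Separately, every path in the task still points at `lib/slack/web/api/...` and `spec/slack/...`, and the `:git_update` prerequisite is not defined in this file, so the task looks copied from the Slack client and probably cannot run in this gem as shipped; either adapt the paths or keep the rake file out of the packaged gem. Because the task renders ERB templates into `.rb` files under `lib/` and `bin/` from JSON on disk, a comment at the top should say that those JSON and template inputs are executed as code and must be reviewed like code.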
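--- a/data/lib/wazuh/api/endpoints/active_response.rb
+++ b/data/lib/wazuh/api/endpoints/active_response.rb
@@ -0,0 +1,22 @@
+module Wazuh
+module Api
+module Endpoints
+module ActiveResponse
+#
+# Run an AR command in the agent
+# Runs an Active Response command on a specified agent.
+#
+# @param [String] agent_id
+# @option options [command] :command
+# Command running in the agent. If this value starts by !, then it refers to a script name instead of a command name.
+# @option options [custom] :custom
+# Whether the specified command is a custom command or not.
+# @option options [arguments] :arguments
+# Array with command arguments.
+def run_active_response_command(agent_id, options = {})
+put "/active-response/#{agent_id}", options
+end
+end
+end
+end
+end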
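Review bot: `agent_id` is interpolated straight into the request path in `put "/active-response/#{agent_id}", options`, so a value containing `/`, `..`, `?` or `#` changes which endpoint the request reaches; since this call makes an agent run a command, validate the id before building the path, e.g. `raise ArgumentError, 'invalid agent_id' unless agent_id.to_s.match?(/\A\d+\z/)` (assuming agent ids are the numeric strings the API returns). The same unescaped interpolation appears in the agents, cache, ciscat and cluster endpoint files (`agent_id`, `agent_name`, `group`, `node_id`, `node_name`, `component`, `configuration`). The doc comment should also state that `:command` and `:arguments` must never be taken from untrusted input. The `@option` tags put the option name where YARD expects a type (`[command]` rather than `[String]`), a pattern repeated in the other endpoint files.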
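--- a/data/lib/wazuh/api/endpoints/agents.rb
+++ b/data/lib/wazuh/api/endpoints/agents.rb
@@ -0,0 +1,175 @@
+module Wazuh
+module Api
+module Endpoints
+module Agents
+#
+# Returns a list with the available agents.
+#
+# @option options [offset] :offset
+# First element to return in the collection.
+# @option options [limit] :limit
+# Maximum number of elements to return.
+# @option options [select] :select
+# Select which fields to return (separated by comma).
+# @option options [sort] :sort
+# Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+# @option options [search] :search
+# Looks for elements with the specified string.
+# @option options [status] :status
+# Filters by agent status. Use commas to enter multiple statuses.
+# Allowed values: active, pending, neverconnected, disconnected
+# @option options [q] :q
+# Query to filter results by. For example q=”status=Active”
+# @option options [order_than] :order_than
+# Filters out disconnected agents for longer than specified. Time in seconds, ‘[n_days]d’, ‘[n_hours]h’, ‘[n_minutes]m’ or ‘[n_seconds]s’. For never connected agents, uses the register date.
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-all-agents
+def all_agents(options = {})
+get '/agents', options
+end
+
+# Returns various information from an agent.
+#
+# @param [String] agent_id
+# ID to agent
+# @option options [select] :select
+# List of selected fields separated by commas.
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-an-agent
+def agent(agent_id, options = {})
+get "/agents/#{agent_id}", options
+end
+
+# Returns various information from an agent called :agent_name.
+#
+# @param [String] agent_name
+# Name to agent
+# @option options [select] :select
+# List of selected fields separated by commas.
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-an-agent-by-its-name
+def agent_by_name(agent_name, options = {})
+get "/agents/name/#{agent_name}", options
+end
+
+# Returns the key of an agent.
+#
+# @param [String] agent_id
+# ID to agent
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-agent-key
+def agent_key(agent_id, options = {})
+get "/agents/#{agent_id}/key"
+end
+
+# Restarts a list of agents.
+#
+# @option options [ids] :ids
+# Array of agent ID’s.
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#restart-a-list-of-agents
+def restart_agents(options = {})
+post '/agents/restart', options
+end
+
+# Restarts all agents.
+#
+def restart_all_agents()
+put '/agents/restart'
+end
+
+# Restart an agent.
+#
+# @param [String] agent_id
+# Agent unique ID.
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#restart-an-agent
+def restart_an_agents(agent_id, options = {})
+put "/agents/#{agent_id}/restart"
+end
+
+# Returns all the different combinations that agents have for the selected fields. It also indicates the total number of agents that have each combination.
+#
+# @option options [offset] :offset
+# First element to return in the collection.
+# @option options [limit] :limit
+# Maximum number of elements to return.
+# @option options [sort] :sort
+# Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+# @option options [search] :search
+# Looks for elements with the specified string.
+# @option options [fileds] :fileds
+# List of fields affecting the operation.
+# @option options [select] :select
+# List of selected fields separated by commas.
+# @option options [q] :q
+# Query to filter result. For example q=”status=Active”
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-distinct-fields-in-agents
+def distinct_fields_in_agents(options = {})
+get '/agents/stats/distinct', options
+end
+
+# Returns the list of outdated agents.
+#
+# @option options [offset] :offset
+# First element to return in the collection.
+# @option options [limit] :limit
+# Maximum number of elements to return.
+# @option options [sort] :sort
+# Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+# @option options [q] :q
+# Query to filter result. For example q=”status=Active”
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-outdated-agents
+def outdated_agents(options = {})
+get '/agents/outdated', options
+end
+
+# Returns the upgrade result from an agent.
+#
+# @param [String] agent_id
+# ID to agent
+# @option options [timeout] :timeout
+# Seconds to wait for the agent to respond.
+def upgrade_result_from_agent(agent_id, options = {})
+get "/agents/#{agent_id}/upgrade_result", options
+end
+
+# Add a new agent
+#
+# @option options [name] :name
+# Name to agent
+# @option options [ip] :ip
+# IP to agent
+# If this is not included, the API will get the IP automatically.
+# If you are behind a proxy, you must set the option config.BehindProxyServer to yes at config.js.
+# Allowed values: IP, IP/NET, ANY
+# @option options [force] :force
+# Remove the old agent with the same IP if disconnected since <force> seconds.
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#add-agent
+def add_agent(options = {})
+post '/agents', options
+end
+
+# Adds a new agent with name :agent_name. This agent will use ANY as IP.
+#
+# @option options [name] :name
+# Name to agent
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#add-agent-quick-method
+def add_agent_quick(options = {})
+put '/agents', options
+end
+
+# Insert an agent with an existing id and key.
+#
+# @option options [name] :name
+# Name to agent
+# @option options [ip] :ip
+# If this is not included, the API will get the IP automatically. If you are behind a proxy, you must set the option config.BehindProxyServer to yes at config.js.
+# Allowed values: IP, IP/NET, ANY
+# @option options [id] :id
+# ID to agent
+# @option options [key] :key
+# Agent key. Minimum length: 64 characters. Allowed values: ^[a-zA-Z0-9]+$
+# @option options [force] :force
+# Remove the old agent the with same IP if disconnected since <force> seconds.
+def insert_agent(options = {})
+post '/agents/insert', options
+end
+end
+end
+end
+end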
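Review bot: `agent_key(agent_id, options = {})` and `restart_an_agents(agent_id, options = {})` accept `options` but never pass it to `get`/`put`, so anything a caller supplies is silently dropped; either forward it (`get "/agents/#{agent_id}/key", options`) or remove the parameter. `agent_key` returns an agent's key, so its doc comment should say the result is a secret that must not be logged or stored in plain text. `agent_by_name` places a free-form name in the path, which needs percent-encoding (for example `ERB::Util.url_encode(agent_name)` after `require 'erb'`) rather than raw interpolation. The comments also document `:fileds` and `:order_than`, which look like typos for `:fields` and `:older_than` and should be checked against the API reference linked in the `@see` tags.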
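--- a/data/lib/wazuh/api/endpoints/cache.rb
+++ b/data/lib/wazuh/api/endpoints/cache.rb
@@ -0,0 +1,38 @@
+module Wazuh
+module Api
+module Endpoints
+module Cache
+#
+# Clears cache of the specified group.
+#
+# @params [String] group
+# cache group
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#clear-group-cache
+def clear_group_cache(group)
+delete "/cache/#{group}"
+end
+
+# Clears entire cache.
+#
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#delete-cache-index
+def clear_cache
+delete '/cache'
+end
+
+# Returns current cache index.
+#
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-cache-index
+def cache_index
+get "/cache"
+end
+
+# Returns cache configuration
+#
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#return-cache-configuration
+def cache_config
+get "/cache/config"
+end
+end
+end
+end
+end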
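Review bot: The doc comment on `clear_group_cache` uses `# @params [String] group`, which is not a YARD tag, so the parameter ends up undocumented in the generated docs; it should read `# @param [String] group`. `cache_index` and `cache_config` use double-quoted literals without interpolation (`get "/cache"`) while `clear_cache` uses single quotes; pick one style, e.g. `get '/cache'` and `get '/cache/config'`.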
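--- a/data/lib/wazuh/api/endpoints/ciscat.rb
+++ b/data/lib/wazuh/api/endpoints/ciscat.rb
@@ -0,0 +1,43 @@
+module Wazuh
+module Api
+module Endpoints
+module Ciscat
+#
+# Returns the agent’s ciscat results info
+#
+# @param [String] agent_id
+# ID to agent
+# @option options [offset] :offset
+# First element to return in the collection.
+# @option options [limit] :limit
+# Maximum number of elements to return.
+# @option options [sort] :sort
+# Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+# @option options [search] :search
+# Looks for elements with the specified string.
+# @option options [select] :select
+# List of selected fields separated by commas.
+# @option options [benchmark] :benchmark
+# Filters by benchmark.
+# @option options [profile] :profile
+# Filters by evaluated profile.
+# @option options [pass] :pass
+# Filters by passed checks.
+# @option options [fail] :fail
+# Filters by failed checks.
+# @option options [error] :error
+# Filters by encountered errors.
+# @option options [notchecked] :notchecked
+# Filters by not checked.
+# @option options [unknown] :unknown
+# Filters by unknown results.
+# @option options [score] :score
+# Filters by final score.
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-cis-cat-results-from-an-agent
+def ciscat_result(agent_id, options = {})
+get "/ciscat/#{agent_id}/results", options
+end
+end
+end
+end
+end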
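--- a/data/lib/wazuh/api/endpoints/cluster.rb
+++ b/data/lib/wazuh/api/endpoints/cluster.rb
@@ -0,0 +1,199 @@
+module Wazuh
+module Api
+module Endpoints
+module Cluster
+#
+# Returns the requested configuration in JSON format.
+#
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-active-configuration-in-node-node-id
+def component_configuration_by_node(node_id, component, configuration, options = {})
+get "/cluster/#{node_id}/config/#{component}/#{configuration}", options
+end
+
+# Returns ossec.conf in JSON format.
+#
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-node-node-id-s-configuration
+def configuration_by_node(node_id, options = {})
+get "/cluster/#{node_id}/configuration", options
+end
+
+# Returns the cluster configuration.
+#
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-the-cluster-configuration
+def cluster_configuration(options = {})
+get "/cluster/config", options
+end
+
+# Check Wazuh configuration in a cluster node
+#
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#check-wazuh-configuration-in-a-cluster-node
+def check_configuration_by_node(node_id)
+get "/cluster/#{node_id}/configuration/validation"
+end
+
+# Check Wazuh configuration in all cluster nodes
+#
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#check-wazuh-configuration-in-all-cluster-nodes
+def check_configuration
+get "/cluster/configuration/validation"
+end
+
+# Delete a remote file in a cluster node
+#
+# @param node_id
+# @option options [path] :path
+# Relative path of file. This parameter is mandatory.
+# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#delete-a-remote-file-in-a-cluster-node
+def delete_remote_file(node_id, options)
+delete "/cluster/#{node_id}/files", options
+end
+
+# Get local file from any cluster node
+#
+# @param node_id
+# @option options [path] :path
+# Relative path of file. This parameter is mandatory.
+# @option options [validation] :validation
+# Validates the content of the file. An error will be returned if file content is not strictly correct. False by default.
+def get_remote_file(node_id, options)
+get "/cluster/#{node_id}/files", options
+end
+
+# Update local file at any cluster node
+#
+# @param node_id
+# @option options [file] :file
+# Input file.
+# @option options [path] :path
+# Relative path were input file will be placed. This parameter is mandatory.
+# @option options [overwrite] :overwrite
+# Replaces the existing file. False by default.
+def update_remote_file(node_id, options)
+post "/cluster/#{node_id}/files", options
+end
+
+# Get info about cluster status
+#
+def cluster_status
+get '/cluster/status'
+end
+
+# Get node node_id’s status
+#
+# @param node_id
+def node_status(node_id)
+get "/cluster/#{node_id}/status"
+end
+
+# Get node_id’s information
+#
+# @param node_id
+def node_info(node_id)
+get "/cluster/#{node_id}/info"
+end
+
+# Show cluster health
+#
+# @option options [node] :node
+def cluster_healthcheck(options = {})
+get '/cluster/healthcheck', options
+end
+
+# Get ossec.log from a specific node in cluster
+#
+# @param node_id
+# @option options [offset] :offset
+# First element to return in the collection.
+# @option options [limit] :limit
+# Maximum number of elements to return.
+# @option options [sort] :sort
+# Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+# @option options [search] :search
+# Looks for elements with the specified string.
+# @option options [type_log] :type_log
+# Filters by type of log.
+# Allowed values: all, error, warning, info
+# @option options [category] :category
+# Filters by category of log
+def cluster_logs_by_node(node_id, options)
+get "/cluster/#{node_id}/logs", options
+end
+
+# Get summary of ossec.log from a specific node in cluster
+#
+# @param node_id
+def cluster_logs_summary_by_node(node_id)
+get "/cluster/#{node_id}/logs/summary"
+end
+
+# Get local node info
+#
+def local_node
+get '/cluster/node'
+end
+
+# Get node info
+#
+def node(node_name)
+get "/cluster/nodes/#{node_name}"
+end
+
+# Get nodes info
+#
+def nodes(options = {})
+get '/cluster/nodes', options
+end
+
+# Restart a specific node in cluster
+#
+# @param node_id
+def restart_node(node_id)
+put "/cluster/#{node_id}/restart"
+end
+
+# Restart all nodes in cluster
+#
+def restart_all_node
+put '/cluster/restart'
+end
+
+# Get node node_id’s analysisd stats
+#
+# @param node_id
+def analysisd_stats(node_id)
+get "/cluster/#{node_id}/stats/analysisd"
+end
+
+# Get node node_id’s remoted stats
+#
+# @param node_id
+def remoted_stats(node_id)
+get "/cluster/#{node_id}/stats/remoted"
+end
+
+# Get node node_id’s stats
+#
+# @param node_id
+# @option options [data] :data
+# Selects the date for getting the statistical information. Format: YYYYMMDD
+def nodes_stats(node_id, options)
+get "/cluster/#{node_id}/stats", options
+end
+
+# Get node node_id’s stats by hour
+#
+# @param node_id
+def nodes_stats_by_hourly(node_id)
+get "/cluster/#{node_id}/stats/hourly"
+end
+
+# Get node node_id’s stats by weekly
+#
+# @param node_id
+def nodes_stats_by_weekly(node_id)
+get "/cluster/#{node_id}/stats/weekly"
+end
+end
+end
+end
+end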
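Review bot: `delete_remote_file`, `get_remote_file` and `update_remote_file` document `:path` as mandatory but send whatever hash they are given, so a missing or empty path is only discovered from the server's error; since these calls delete and overwrite files on a cluster node, a local guard such as `raise ArgumentError, ':path is required' if options[:path].to_s.empty?` would catch the mistake early, and the doc comments should say that `:path` and `:overwrite` must not come from untrusted input. `cluster_logs_by_node` and `nodes_stats` take `options` as a required positional although every documented option is optional, unlike `cluster_healthcheck(options = {})`; give them the same `options = {}` default. The `nodes_stats` comment documents `:data` with a date description, which looks like a typo for `:date` and should be checked against the API reference.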