wazuh-ruby-client 0.2.4 → 0.2.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/rspec-ci.yml +2 -2
- data/.gitignore +2 -0
- data/CHANGELOG.md +26 -0
- data/README.md +2 -0
- data/lib/wazuh-ruby-client/version.rb +1 -1
- data/lib/wazuh/api/endpoints/agents.rb +32 -4
- data/lib/wazuh/api/endpoints/ciscat.rb +1 -2
- data/lib/wazuh/api/endpoints/cluster.rb +2 -4
- data/lib/wazuh/api/endpoints/decoders.rb +4 -8
- data/lib/wazuh/api/endpoints/experimental.rb +9 -18
- data/lib/wazuh/api/endpoints/lists.rb +2 -4
- data/lib/wazuh/api/endpoints/manager.rb +1 -2
- data/lib/wazuh/api/endpoints/rootcheck.rb +3 -6
- data/lib/wazuh/api/endpoints/rules.rb +9 -18
- data/lib/wazuh/api/endpoints/security_configuration_assessment.rb +2 -4
- data/lib/wazuh/api/endpoints/syscheck.rb +1 -2
- data/lib/wazuh/api/endpoints/syscollector.rb +6 -12
- data/lib/wazuh/config.rb +4 -0
- data/lib/wazuh/sawyer/connection.rb +2 -0
- data/lib/wazuh/sawyer/request.rb +15 -4
- data/lib/wazuh/version.rb +1 -1
- data/wazuh-ruby-client.gemspec +1 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d112a0cd50547b2e1884a85c76754903fe0e425b1eea395a88d2073ef940e484
|
|
4
|
+
data.tar.gz: 875c1f5079579d1a29b9a34bff59a721c614447770696d8a7e50fd9efbf82383
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cfe8b91a45b82511920cd43eb8ed477b2694560ef8d5215f93c4dc4d04792295336e9051d90d99c87d17d5e4611b7a2c52677670ef40da7358cd204af6a17582
|
|
7
|
+
data.tar.gz: 112107a8acdc5f84714932e84c207d95c1b07a685a91ae83cabb5cbbdf5849f088e6e0d9cdb0c1fca9a1c96ad24b37abe1db26a0e67bfdc224783de9ce1390c6
|
data/.gitignore
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,32 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [0.2.9]
|
|
11
|
+
|
|
12
|
+
- Adds availability to ignore env proxy settings [#25](https://github.com/mrtc0/wazuh-ruby-client/pull/25). Thanks @falegk
|
|
13
|
+
- Add the `ca_file` option to Wazuh.Config to specify a CA file [#26](https://github.com/mrtc0/wazuh-ruby-client/pull/26). Thanks @k1LoW
|
|
14
|
+
|
|
15
|
+
## [0.2.8]
|
|
16
|
+
|
|
17
|
+
- fix bug. return with response body.
|
|
18
|
+
|
|
19
|
+
## [0.2.7]
|
|
20
|
+
|
|
21
|
+
- Returns `Wazuh::Api::Errors` when an error is returned from a non wazuh api
|
|
22
|
+
|
|
23
|
+
## [0.2.6]
|
|
24
|
+
|
|
25
|
+
- Support agent upgrade endpoint
|
|
26
|
+
- `/agents/:agent_id/upgrade_custom`
|
|
27
|
+
- `/agents/:agent_id/upgrade`
|
|
28
|
+
|
|
29
|
+
## [0.2.5]
|
|
30
|
+
|
|
31
|
+
- Get all items with `offset_request`
|
|
32
|
+
- So far only 500 items(Wazuh API default) have been retrieved that contain a `totalItems` field such as `#all_agents` .
|
|
33
|
+
- For such an endpoint, implemented `offset_request` to fetch all items.
|
|
34
|
+
- This change does not change the type of the return value. However, it may take some time because it sends repeated requests to get all the items.
|
|
35
|
+
|
|
10
36
|
## [0.2.4] - 2020-03-31
|
|
11
37
|
|
|
12
38
|
- `agents_by_group` also returns the `item` field.
|
data/README.md
CHANGED
|
@@ -63,6 +63,7 @@ The following global settings are supported via `Wazuh.configure` .
|
|
|
63
63
|
| setting | description |
|
|
64
64
|
|:--------|:------------|
|
|
65
65
|
| user_agent | User-Agent |
|
|
66
|
+
| ca_file | CA file (if use Client Certificate Authentication and specify CA file) |
|
|
66
67
|
| client_cert | Client certificate (if use Client Certificate Authentication) |
|
|
67
68
|
| client_key | Client Key (if use Client Certificate Authentication) |
|
|
68
69
|
| basic_user | Basic Authentication user name |
|
|
@@ -70,6 +71,7 @@ The following global settings are supported via `Wazuh.configure` .
|
|
|
70
71
|
| verify_ssl | Skip the SSL/TLS verify |
|
|
71
72
|
| logger | loggeer object |
|
|
72
73
|
| endpoint | Wazuh API endpoint URL |
|
|
74
|
+
| ignore_env_proxy | Ignores ENV proxy settings |
|
|
73
75
|
|
|
74
76
|
|
|
75
77
|
### Agents
|
|
@@ -23,8 +23,7 @@ module Wazuh
|
|
|
23
23
|
# @return [Array] Returns Array containing agents
|
|
24
24
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-all-agents
|
|
25
25
|
def all_agents(options = {})
|
|
26
|
-
|
|
27
|
-
data.items
|
|
26
|
+
offset_request('get', '/agents', options)
|
|
28
27
|
end
|
|
29
28
|
|
|
30
29
|
# Returns various information from an agent.
|
|
@@ -132,6 +131,36 @@ module Wazuh
|
|
|
132
131
|
get "/agents/#{agent_id}/upgrade_result", options
|
|
133
132
|
end
|
|
134
133
|
|
|
134
|
+
# Upgrade agent using custom file.
|
|
135
|
+
#
|
|
136
|
+
# @param [String] :agent_id
|
|
137
|
+
# Agent unique ID.
|
|
138
|
+
# @option options [String] :file_path
|
|
139
|
+
# Path to the WPK file. The file must be on a folder on the Wazuh’s installation directory (by default, <code>/var/ossec</code>).
|
|
140
|
+
# @option options [String] :installer
|
|
141
|
+
# Installation script.
|
|
142
|
+
# @see https://documentation.wazuh.com/3.12/user-manual/api/reference.html#upgrade-agent-using-custom-file
|
|
143
|
+
def agent_upgrade_custom(agent_id, options = {})
|
|
144
|
+
put "/agents/#{agent_id}/upgrade_custom", options
|
|
145
|
+
end
|
|
146
|
+
|
|
147
|
+
# Upgrade agent using online repository
|
|
148
|
+
#
|
|
149
|
+
# Upgrade the agent using a WPK file from online repository.
|
|
150
|
+
# @param [String] :agent_id
|
|
151
|
+
# @option options [String] :wpk_repo
|
|
152
|
+
# WPK repository.
|
|
153
|
+
# @option options [String] :version
|
|
154
|
+
# Wazuh version
|
|
155
|
+
# @option options [Boolean] :use_http
|
|
156
|
+
# Use protocol HTTP. If it is false use HTTPS. By default the value is set to false.
|
|
157
|
+
# @option options [Integer] :force
|
|
158
|
+
# Force upgrade. Allow values: 0 or 1.
|
|
159
|
+
# @see https://documentation.wazuh.com/3.12/user-manual/api/reference.html#upgrade-agent-using-online-repository
|
|
160
|
+
def agent_upgrade(agent_id, options = {})
|
|
161
|
+
put "/agents/#{agent_id}/upgrade", options
|
|
162
|
+
end
|
|
163
|
+
|
|
135
164
|
# Add a new agent
|
|
136
165
|
#
|
|
137
166
|
# @option options [name] :name
|
|
@@ -290,8 +319,7 @@ module Wazuh
|
|
|
290
319
|
# @option options [String] q
|
|
291
320
|
# @see https://documentation.wazuh.com/3.11/user-manual/api/reference.html#get-agents-in-a-group
|
|
292
321
|
def agents_by_group(group_id, options = {})
|
|
293
|
-
|
|
294
|
-
data.items
|
|
322
|
+
offset_request('get', "/agents/groups/#{group_id}", options)
|
|
295
323
|
end
|
|
296
324
|
|
|
297
325
|
# Get agents without group
|
|
@@ -35,8 +35,7 @@ module Wazuh
|
|
|
35
35
|
# Filters by final score.
|
|
36
36
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-cis-cat-results-from-an-agent
|
|
37
37
|
def ciscat_result(agent_id, options = {})
|
|
38
|
-
|
|
39
|
-
data.items
|
|
38
|
+
offset_request("get", "/ciscat/#{agent_id}/results", options)
|
|
40
39
|
end
|
|
41
40
|
end
|
|
42
41
|
end
|
|
@@ -116,8 +116,7 @@ module Wazuh
|
|
|
116
116
|
# @option options [category] :category
|
|
117
117
|
# Filters by category of log
|
|
118
118
|
def cluster_logs_by_node(node_id, options)
|
|
119
|
-
|
|
120
|
-
data.items
|
|
119
|
+
offset_request("get", "/cluster/#{node_id}/logs", options)
|
|
121
120
|
end
|
|
122
121
|
|
|
123
122
|
# Get summary of ossec.log from a specific node in cluster
|
|
@@ -142,8 +141,7 @@ module Wazuh
|
|
|
142
141
|
# Get nodes info
|
|
143
142
|
#
|
|
144
143
|
def nodes(options = {})
|
|
145
|
-
|
|
146
|
-
data.items
|
|
144
|
+
offset_request('get', '/cluster/nodes', options)
|
|
147
145
|
end
|
|
148
146
|
|
|
149
147
|
# Restart a specific node in cluster
|
|
@@ -23,8 +23,7 @@ module Wazuh
|
|
|
23
23
|
# Allowed values: enabled, disabled, all
|
|
24
24
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-all-decoders
|
|
25
25
|
def all_decoders(options = {})
|
|
26
|
-
|
|
27
|
-
data.items
|
|
26
|
+
offset_request("get", "/decoders", options)
|
|
28
27
|
end
|
|
29
28
|
|
|
30
29
|
# Get all decoders files
|
|
@@ -50,8 +49,7 @@ module Wazuh
|
|
|
50
49
|
# Name of the decoder file to download.
|
|
51
50
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-all-decoders-files
|
|
52
51
|
def all_decoders_files(options = {})
|
|
53
|
-
|
|
54
|
-
data.items
|
|
52
|
+
offset_request('get', '/decoders/files', options)
|
|
55
53
|
end
|
|
56
54
|
|
|
57
55
|
# Get all parent decoders
|
|
@@ -67,8 +65,7 @@ module Wazuh
|
|
|
67
65
|
# Looks for elements with the specified string.
|
|
68
66
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-all-parent-decoders
|
|
69
67
|
def all_parent_decoders(options = {})
|
|
70
|
-
|
|
71
|
-
data.items
|
|
68
|
+
offset_request('get', '/decoders/parents', options)
|
|
72
69
|
end
|
|
73
70
|
|
|
74
71
|
# Get decoders by name
|
|
@@ -86,8 +83,7 @@ module Wazuh
|
|
|
86
83
|
# Looks for elements with the specified string.
|
|
87
84
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-decoders-by-name
|
|
88
85
|
def decoders_by_name(decoder_name, options = {})
|
|
89
|
-
|
|
90
|
-
data.items
|
|
86
|
+
offset_request("get", "/decoders/#{decoder_name}", options)
|
|
91
87
|
end
|
|
92
88
|
end
|
|
93
89
|
end
|
|
@@ -42,8 +42,7 @@ module Wazuh
|
|
|
42
42
|
# Filters by board_serial.
|
|
43
43
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-hardware-info-of-all-agents
|
|
44
44
|
def experimental_hardware(options = {})
|
|
45
|
-
|
|
46
|
-
data.items
|
|
45
|
+
offset_request('get', '/experimental/syscollector/hardware', options)
|
|
47
46
|
end
|
|
48
47
|
|
|
49
48
|
# Get network address info of all agents
|
|
@@ -72,8 +71,7 @@ module Wazuh
|
|
|
72
71
|
# Filters by netmask.
|
|
73
72
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-network-address-info-of-all-agents
|
|
74
73
|
def experimental_netaddr(options = {})
|
|
75
|
-
|
|
76
|
-
data.items
|
|
74
|
+
offset_request('get', '/experimental/syscollector/netaddr', options)
|
|
77
75
|
end
|
|
78
76
|
|
|
79
77
|
# Get network interface info of all agents
|
|
@@ -109,8 +107,7 @@ module Wazuh
|
|
|
109
107
|
# @option options [rx_dropped] :rx_dropped
|
|
110
108
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-network-interface-info-of-all-agents
|
|
111
109
|
def experimental_netiface(options = {})
|
|
112
|
-
|
|
113
|
-
data.items
|
|
110
|
+
offset_request('get', '/experimental/syscollector/netiface', options)
|
|
114
111
|
end
|
|
115
112
|
|
|
116
113
|
# Get network protocol info of all agents
|
|
@@ -137,8 +134,7 @@ module Wazuh
|
|
|
137
134
|
# Filters by dhcp.
|
|
138
135
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-network-protocol-info-of-all-agents
|
|
139
136
|
def experimental_netproto(options = {})
|
|
140
|
-
|
|
141
|
-
data.items
|
|
137
|
+
offset_request('get', '/experimental/syscollector/netproto', options)
|
|
142
138
|
end
|
|
143
139
|
|
|
144
140
|
# Get os info of all agents
|
|
@@ -168,8 +164,7 @@ module Wazuh
|
|
|
168
164
|
# Filters by release.
|
|
169
165
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-os-info-of-all-agents
|
|
170
166
|
def experimental_os(options = {})
|
|
171
|
-
|
|
172
|
-
data.items
|
|
167
|
+
offset_request('get', '/experimentalsyscollector/os', options)
|
|
173
168
|
end
|
|
174
169
|
|
|
175
170
|
# Get packages info of all agents
|
|
@@ -198,8 +193,7 @@ module Wazuh
|
|
|
198
193
|
# Filters by format.
|
|
199
194
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-packages-info-of-all-agents
|
|
200
195
|
def experimental_packages(options = {})
|
|
201
|
-
|
|
202
|
-
data.items
|
|
196
|
+
offset_request('get', '/experimental/syscollector/packages', options)
|
|
203
197
|
end
|
|
204
198
|
|
|
205
199
|
# Get ports info of all agents
|
|
@@ -232,8 +226,7 @@ module Wazuh
|
|
|
232
226
|
# Filters by state.
|
|
233
227
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-ports-info-of-all-agents
|
|
234
228
|
def experimental_ports(options = {})
|
|
235
|
-
|
|
236
|
-
data.items
|
|
229
|
+
offset_request('get', '/experimental/syscollector/ports', options)
|
|
237
230
|
end
|
|
238
231
|
|
|
239
232
|
# Get processes info of all agents
|
|
@@ -280,8 +273,7 @@ module Wazuh
|
|
|
280
273
|
# Filters by process suser.
|
|
281
274
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-processes-info-of-all-agents
|
|
282
275
|
def experimental_processes(options = {})
|
|
283
|
-
|
|
284
|
-
data.items
|
|
276
|
+
offset_request('get', '/experimental/syscollector/processes', options)
|
|
285
277
|
end
|
|
286
278
|
|
|
287
279
|
# Get CIS-CAT results
|
|
@@ -309,8 +301,7 @@ module Wazuh
|
|
|
309
301
|
# @option options [score] :score
|
|
310
302
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-cis-cat-results
|
|
311
303
|
def experimental_ciscat_results(options = {})
|
|
312
|
-
|
|
313
|
-
data.items
|
|
304
|
+
offset_request('get', '/experimental/ciscat/results', options)
|
|
314
305
|
end
|
|
315
306
|
end
|
|
316
307
|
end
|
|
@@ -18,8 +18,7 @@ module Wazuh
|
|
|
18
18
|
# Filters by path.
|
|
19
19
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-all-lists
|
|
20
20
|
def cdb_lists(options = {})
|
|
21
|
-
|
|
22
|
-
data.items
|
|
21
|
+
offset_request('get', '/lists', options)
|
|
23
22
|
end
|
|
24
23
|
|
|
25
24
|
# Get paths from all lists
|
|
@@ -35,8 +34,7 @@ module Wazuh
|
|
|
35
34
|
# Looks for elements with the specified string.
|
|
36
35
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-paths-from-all-lists
|
|
37
36
|
def cdb_files_path(options = {})
|
|
38
|
-
|
|
39
|
-
data.items
|
|
37
|
+
offset_request('get', '/lists/files', options)
|
|
40
38
|
end
|
|
41
39
|
end
|
|
42
40
|
end
|
|
@@ -39,8 +39,7 @@ module Wazuh
|
|
|
39
39
|
# @option options [search] :search
|
|
40
40
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rootcheck-cis-requirements
|
|
41
41
|
def rootcheck_cis_requirements(agent_id, options = {})
|
|
42
|
-
|
|
43
|
-
data.items
|
|
42
|
+
offset_request('get', "/rootcheck/#{agent_id}/cis", options)
|
|
44
43
|
end
|
|
45
44
|
|
|
46
45
|
# Get rootcheck database
|
|
@@ -56,8 +55,7 @@ module Wazuh
|
|
|
56
55
|
# @option options [status] :status
|
|
57
56
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rootcheck-database
|
|
58
57
|
def rootcheck_database(agent_id, options = {})
|
|
59
|
-
|
|
60
|
-
data.items
|
|
58
|
+
offset_request('get', "/rootcheck/#{agent_id}", options)
|
|
61
59
|
end
|
|
62
60
|
|
|
63
61
|
# Get rootcheck pci requirements
|
|
@@ -70,8 +68,7 @@ module Wazuh
|
|
|
70
68
|
# @option options [search] :search
|
|
71
69
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rootcheck-pci-requirements
|
|
72
70
|
def rootcheck_pic_requirements(agent_id, options = {})
|
|
73
|
-
|
|
74
|
-
data.items
|
|
71
|
+
offset_request('get', "/rootcheck/#{agent_id}/pci", options)
|
|
75
72
|
end
|
|
76
73
|
|
|
77
74
|
# Run rootcheck scan in all agents
|
|
@@ -7,64 +7,56 @@ module Wazuh
|
|
|
7
7
|
#
|
|
8
8
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-all-rules
|
|
9
9
|
def all_rules(options = {})
|
|
10
|
-
|
|
11
|
-
data.items
|
|
10
|
+
offset_request('get', '/rules', options)
|
|
12
11
|
end
|
|
13
12
|
|
|
14
13
|
# Returns the files of all rules.
|
|
15
14
|
#
|
|
16
15
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-files-of-rules
|
|
17
16
|
def rule_files(options = {})
|
|
18
|
-
|
|
19
|
-
data.items
|
|
17
|
+
offset_request('get', '/rules/files', options)
|
|
20
18
|
end
|
|
21
19
|
|
|
22
20
|
# Returns the GDPR requirements of all rules.
|
|
23
21
|
#
|
|
24
22
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rule-gdpr-requirements
|
|
25
23
|
def gdpr_rules(options = {})
|
|
26
|
-
|
|
27
|
-
data.items
|
|
24
|
+
offset_request('get', '/rules/gdpr', options)
|
|
28
25
|
end
|
|
29
26
|
|
|
30
27
|
# Returns the GPG13 requirements of all rules.
|
|
31
28
|
#
|
|
32
29
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rule-gpg13-requirements
|
|
33
30
|
def gpg13_rules(options = {})
|
|
34
|
-
|
|
35
|
-
data.items
|
|
31
|
+
offset_request('get', '/rules/gpg13', options)
|
|
36
32
|
end
|
|
37
33
|
|
|
38
34
|
# Returns the groups of all rules.
|
|
39
35
|
#
|
|
40
36
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rule-groups
|
|
41
37
|
def rules_groups(options = {})
|
|
42
|
-
|
|
43
|
-
data.items
|
|
38
|
+
offset_request('get', '/rules/groups', options)
|
|
44
39
|
end
|
|
45
40
|
|
|
46
41
|
# Returns the HIPAA requirements of all rules.
|
|
47
42
|
#
|
|
48
43
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rule-hipaa-requirements
|
|
49
44
|
def hipaa_rules(options = {})
|
|
50
|
-
|
|
51
|
-
data.items
|
|
45
|
+
offset_request('get', '/rules/hipaa', options)
|
|
52
46
|
end
|
|
53
47
|
|
|
54
48
|
# Returns the NIST-800-53 requirements of all rules.
|
|
55
49
|
#
|
|
56
50
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rule-nist-800-53-requirements
|
|
57
51
|
def nist_800_53_rules(options = {})
|
|
58
|
-
|
|
59
|
-
data.items
|
|
52
|
+
offset_request('get', '/rules/nist-800-53', options)
|
|
60
53
|
end
|
|
61
54
|
|
|
62
55
|
# Returns the PCI requirements of all rules
|
|
63
56
|
#
|
|
64
57
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rule-pci-requirements
|
|
65
58
|
def pic_rules(options = {})
|
|
66
|
-
|
|
67
|
-
data.items
|
|
59
|
+
offset_request('get', '/rules/pci', options)
|
|
68
60
|
end
|
|
69
61
|
|
|
70
62
|
# Returns the rules with the specified id.
|
|
@@ -80,8 +72,7 @@ module Wazuh
|
|
|
80
72
|
# Looks for elements with the specified string.
|
|
81
73
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-rules-by-id
|
|
82
74
|
def rule_by_id(rule_id, options = {})
|
|
83
|
-
|
|
84
|
-
data.items
|
|
75
|
+
offset_request('get', "/rules/#{rule_id}", options)
|
|
85
76
|
end
|
|
86
77
|
end
|
|
87
78
|
end
|
|
@@ -39,8 +39,7 @@ module Wazuh
|
|
|
39
39
|
# Looks for elements with the specified string.
|
|
40
40
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-security-configuration-assessment-sca-checks-database
|
|
41
41
|
def checks_sca_database(agent_id, policy_id, options = {})
|
|
42
|
-
|
|
43
|
-
data.items
|
|
42
|
+
offset_request('get', "/sca/#{agent_id}/checks/#{policy_id}", options)
|
|
44
43
|
end
|
|
45
44
|
|
|
46
45
|
# Get security configuration assessment (SCA) database
|
|
@@ -66,8 +65,7 @@ module Wazuh
|
|
|
66
65
|
# Query to filter results by. This is specially useful to filter by total checks passed, failed or total score (fields pass, fail, score).
|
|
67
66
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-security-configuration-assessment-sca-database
|
|
68
67
|
def sca_database(agent_id, options = {})
|
|
69
|
-
|
|
70
|
-
data.items
|
|
68
|
+
offset_request('get', "/sca/#{agent_id}", options)
|
|
71
69
|
end
|
|
72
70
|
end
|
|
73
71
|
end
|
|
@@ -33,8 +33,7 @@ module Wazuh
|
|
|
33
33
|
# Returns the files with the specified hash (md5, sha1 or sha256).
|
|
34
34
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-syscheck-files
|
|
35
35
|
def syscheck_files(agent_id, options = {})
|
|
36
|
-
|
|
37
|
-
data.items
|
|
36
|
+
offset_request('get', "/syscheck/#{agent_id}", options)
|
|
38
37
|
end
|
|
39
38
|
|
|
40
39
|
# Clears the syscheck database for the specified agent.
|
|
@@ -38,8 +38,7 @@ module Wazuh
|
|
|
38
38
|
# Filters by netmask.
|
|
39
39
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-network-address-info-of-an-agent
|
|
40
40
|
def netaddr(agent_id, options = {})
|
|
41
|
-
|
|
42
|
-
data.items
|
|
41
|
+
offset_request('get', "/syscollector/#{agent_id}/netaddr", options)
|
|
43
42
|
end
|
|
44
43
|
|
|
45
44
|
# Returns the agent’s network interface info
|
|
@@ -75,8 +74,7 @@ module Wazuh
|
|
|
75
74
|
# @option options [rx_dropped] :rx_dropped
|
|
76
75
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-network-interface-info-of-an-agent
|
|
77
76
|
def netiface(agent_id, options = {})
|
|
78
|
-
|
|
79
|
-
data.items
|
|
77
|
+
offset_request('get', "/syscollector/#{agent_id}/netiface", options)
|
|
80
78
|
end
|
|
81
79
|
|
|
82
80
|
# Returns the agent’s network protocol info.
|
|
@@ -102,8 +100,7 @@ module Wazuh
|
|
|
102
100
|
# Filters by dhcp.
|
|
103
101
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-network-protocol-info-of-an-agent
|
|
104
102
|
def netproto(agent_id, options = {})
|
|
105
|
-
|
|
106
|
-
data.items
|
|
103
|
+
offset_request('get', "/syscollector/#{agent_id}/netproto", options)
|
|
107
104
|
end
|
|
108
105
|
|
|
109
106
|
# Returns the agent’s OS info.
|
|
@@ -141,8 +138,7 @@ module Wazuh
|
|
|
141
138
|
# Filters by format.
|
|
142
139
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-packages-info
|
|
143
140
|
def packages(agent_id, options = {})
|
|
144
|
-
|
|
145
|
-
data.items
|
|
141
|
+
offset_request('get', "/syscollector/#{agent_id}/packages", options)
|
|
146
142
|
end
|
|
147
143
|
|
|
148
144
|
# Get ports info of an agent
|
|
@@ -175,8 +171,7 @@ module Wazuh
|
|
|
175
171
|
# Filters by state.
|
|
176
172
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-ports-info-of-an-agent
|
|
177
173
|
def ports(agent_id, options = {})
|
|
178
|
-
|
|
179
|
-
data.items
|
|
174
|
+
offset_request('get', "/syscollector/#{agent_id}/ports", options)
|
|
180
175
|
end
|
|
181
176
|
|
|
182
177
|
# Get processes info
|
|
@@ -224,8 +219,7 @@ module Wazuh
|
|
|
224
219
|
#
|
|
225
220
|
# @see https://documentation.wazuh.com/3.10/user-manual/api/reference.html#get-processes-info
|
|
226
221
|
def processes(agent_id, options = {})
|
|
227
|
-
|
|
228
|
-
data.items
|
|
222
|
+
offset_request('get', "/syscollector/#{agent_id}/processes", options)
|
|
229
223
|
end
|
|
230
224
|
end
|
|
231
225
|
end
|
data/lib/wazuh/config.rb
CHANGED
|
@@ -5,6 +5,7 @@ module Wazuh
|
|
|
5
5
|
|
|
6
6
|
ATTRIBUTES = %i[
|
|
7
7
|
user_agent
|
|
8
|
+
ca_file
|
|
8
9
|
client_cert
|
|
9
10
|
client_key
|
|
10
11
|
basic_user
|
|
@@ -12,6 +13,7 @@ module Wazuh
|
|
|
12
13
|
verify_ssl
|
|
13
14
|
logger
|
|
14
15
|
endpoint
|
|
16
|
+
ignore_env_proxy
|
|
15
17
|
].freeze
|
|
16
18
|
|
|
17
19
|
attr_accessor(*Config::ATTRIBUTES)
|
|
@@ -19,12 +21,14 @@ module Wazuh
|
|
|
19
21
|
def reset
|
|
20
22
|
self.endpoint = nil
|
|
21
23
|
self.user_agent = "Wazuh Ruby Client/#{Wazuh::VERSION}"
|
|
24
|
+
self.ca_file = nil
|
|
22
25
|
self.client_cert = nil
|
|
23
26
|
self.client_key = nil
|
|
24
27
|
self.basic_user = nil
|
|
25
28
|
self.basic_password = nil
|
|
26
29
|
self.verify_ssl = true
|
|
27
30
|
self.logger = nil
|
|
31
|
+
self.ignore_env_proxy = false
|
|
28
32
|
end
|
|
29
33
|
end
|
|
30
34
|
|
|
@@ -14,6 +14,7 @@ module Wazuh
|
|
|
14
14
|
|
|
15
15
|
options[:headers]['User-Agent'] = user_agent if user_agent
|
|
16
16
|
options[:ssl].merge!({ client_cert: client_cert, client_key: client_key }) if client_cert || client_key
|
|
17
|
+
options[:ssl][:ca_file] = ca_file if ca_file
|
|
17
18
|
|
|
18
19
|
if basic_user || basic_password
|
|
19
20
|
authorization_header = "Basic " + Base64.encode64(basic_user + ':' + basic_password).strip
|
|
@@ -27,6 +28,7 @@ module Wazuh
|
|
|
27
28
|
}
|
|
28
29
|
|
|
29
30
|
opts[:faraday] = ::Faraday.new(options)
|
|
31
|
+
opts[:faraday].proxy = nil if ignore_env_proxy
|
|
30
32
|
|
|
31
33
|
::Sawyer::Agent.new(endpoint, opts)
|
|
32
34
|
end
|
data/lib/wazuh/sawyer/request.rb
CHANGED
|
@@ -18,6 +18,18 @@ module Wazuh
|
|
|
18
18
|
request(:delete, path, options)
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
+
def offset_request(method, path, options = {})
|
|
22
|
+
items = []
|
|
23
|
+
data = send(method, path, options)
|
|
24
|
+
0.step(data.totalItems, 500) { |offset|
|
|
25
|
+
options[:offset] = offset
|
|
26
|
+
d = send(method, path, options)
|
|
27
|
+
items.concat(d.items)
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
items
|
|
31
|
+
end
|
|
32
|
+
|
|
21
33
|
private
|
|
22
34
|
|
|
23
35
|
def request(method, path, options)
|
|
@@ -29,10 +41,9 @@ module Wazuh
|
|
|
29
41
|
connection.call(method, URI::Parser.new.escape(path), data)
|
|
30
42
|
end
|
|
31
43
|
|
|
32
|
-
return response.data.data if response.status == 200
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
raise Wazuh::Api::Errors::WazuhError.new(error_message, response)
|
|
44
|
+
return response.data.data if response.status == 200
|
|
45
|
+
|
|
46
|
+
raise Wazuh::Api::Errors::WazuhError.new(response.body, response)
|
|
36
47
|
end
|
|
37
48
|
end
|
|
38
49
|
end
|
data/lib/wazuh/version.rb
CHANGED
data/wazuh-ruby-client.gemspec
CHANGED
|
@@ -35,7 +35,7 @@ Gem::Specification.new do |spec|
|
|
|
35
35
|
spec.require_paths = ["lib"]
|
|
36
36
|
|
|
37
37
|
spec.add_development_dependency "bundler", "~> 2.1.4"
|
|
38
|
-
spec.add_development_dependency "rake", "
|
|
38
|
+
spec.add_development_dependency "rake", ">= 12.3.3"
|
|
39
39
|
spec.add_development_dependency "rspec", "~> 3.0"
|
|
40
40
|
spec.add_development_dependency "vcr"
|
|
41
41
|
spec.add_development_dependency "webmock"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: wazuh-ruby-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- mrtc0
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-09-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -28,16 +28,16 @@ dependencies:
|
|
|
28
28
|
name: rake
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
|
-
- - "
|
|
31
|
+
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version:
|
|
33
|
+
version: 12.3.3
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
|
-
- - "
|
|
38
|
+
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version:
|
|
40
|
+
version: 12.3.3
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rspec
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|