Merge branch '4.9.0' of https://github.com/wazuh/wazuh-kibana-app int…

…o feat/6536-remove-angularjs-controller-blank-screen

CHANGELOG.md

@@ -13,6 +13,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Improve fleet management by adding 'Edit Agent Groups' and 'Upgrade Agents' actions, as well as a filter to show only outdated agents [#6250](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6250) [#6476](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6476) [#6274](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6274) [#6501](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6501) [#6529](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6529)
 - Added propagation of updates from the table to dashboard visualizations in Endpoints summary [#6460](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6460)
 - Handle index pattern selector on new discover [#6499](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6499)
+- Added macOS log collector tab [#6545](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6545)
 
 ### Changed
 
@@ -25,6 +26,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Refactoring and redesign endpoints summary visualizations [#6268](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6268)
 - Move the AngularJS controller and template of blank screen to ReactJS component [#6538](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6538)
 - Remove AngularJS controller for manage groups [#6543](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6543)
+- Remove some branding references across the application. [#6155](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6155)
 
 ### Fixed
 
@@ -42,15 +44,15 @@ All notable changes to the Wazuh app project will be documented in this file.
 
 - Support for Wazuh 4.8.1
 
-## Wazuh v4.8.0 - OpenSearch Dashboards 2.10.0 - Revision 05
+## Wazuh v4.8.0 - OpenSearch Dashboards 2.10.0 - Revision 06
 
 ### Added
 
 - Support for Wazuh 4.8.0
 - Added the ability to check if there are available updates from the UI. [#6093](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6093) [#6256](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6256) [#6328](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6328)
 - Added remember server address check [#5791](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5791)
 - Added the ssl_agent_ca configuration to the SSL Settings form [#6083](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6083)
-- Added global vulnerabilities dashboards [#5896](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5896) [#6179](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6179) [#6173](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6173) [#6147](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6147) [#6231](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6231) [#6246](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6246) [#6321](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6321) [#6338](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6338) [#6356](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6356) [#6396](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6396) [#6399](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6399) [#6405](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6405) [#6410](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6410) [#6424](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6424) [#6422](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6422) [#6429](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6429) [#6448](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6448)
+- Added global vulnerabilities dashboards [#5896](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5896) [#6179](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6179) [#6173](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6173) [#6147](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6147) [#6231](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6231) [#6246](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6246) [#6321](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6321) [#6338](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6338) [#6356](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6356) [#6396](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6396) [#6399](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6399) [#6405](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6405) [#6410](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6410) [#6424](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6424) [#6422](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6422) [#6429](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6429) [#6448](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6448) [#6488](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6488)
 - Added an agent selector to the IT Hygiene application [#5840](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5840)
 - Added query results limit when the search exceed 10000 hits [#6106](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6106)
 - Added a redirection button to Endpoint Summary from IT Hygiene application [#6176](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6176)
@@ -59,12 +61,13 @@ All notable changes to the Wazuh app project will be documented in this file.
 
 ### Changed
 
-- Moved the plugin menu to platform applications into the side menu [#5840](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5840) [#6226](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6226) [#6244](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6244) [#6176](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6176) [#6423](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6423)
+- Moved the plugin menu to platform applications into the side menu [#5840](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5840) [#6226](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6226) [#6244](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6244) [#6176](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6176) [#6423](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6423) [#6510](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6510)
 - Changed dashboards. [#6035](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6035)
 - Change the display order of tabs in all modules. [#6067](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6067)
 - Upgraded the `axios` dependency to `1.6.1` [#6114](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6114)
 - Changed the api configuration title in the Server APIs section. [#6373](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6373)
 - Changed overview home top KPIs. [#6379](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6379) [#6408](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6408)
+- Updated the PDF report year number. [#6492](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6492)
 
 ### Fixed
 
@@ -85,6 +88,8 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Fixed the help menu, to be consistent and avoid duplication [#6374](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6374)
 - Fixed the axis label visual bug from dashboards [#6378](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6378)
 - Fixed a error pop-up spawn in MITRE ATT&CK [#6431](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6431)
+- Fixed minor style issues [#6484](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6484) [#6489](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6489)
+- Fixed "View alerts of this Rule" link [#6553](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6553)
 
 ### Removed
 

docker/imposter/agents/configuration/logcollector-localfile.json

@@ -1,87 +1,193 @@
 {
   "data": {
     "localfile": [
+      {
+        "logformat": "macos",
+        "query": {
+          "value": "(process == \"sudo\") or (process == \"sessionlogoutd\" and message contains \"logout is complete.\") or (process == \"sshd\") or (process == \"tccd\" and message contains \"Update Access Record\") or (message contains \"SessionAgentNotificationCenter\") or (process == \"screensharingd\" and message contains \"Authentication\") or (process == \"securityd\" and eventMessage contains \"Session\" and subsystem == \"com.apple.securityd\")",
+          "level": "info",
+          "type": [
+            "log",
+            "activity",
+            "trace"
+          ]
+        },
+        "ignore_binaries": "no",
+        "only-future-events": "yes",
+        "target": [
+          "agent"
+        ]
+      },
       {
         "logformat": "command",
         "command": "df -P",
         "alias": "df -P",
         "ignore_binaries": "no",
-        "target": ["agent"],
+        "target": [
+          "agent"
+        ],
         "frequency": 360
       },
       {
         "logformat": "full_command",
         "command": "netstat -tulpn | sed 's/\\([[:alnum:]]\\+\\)\\ \\+[[:digit:]]\\+\\ \\+[[:digit:]]\\+\\ \\+\\(.*\\):\\([[:digit:]]*\\)\\ \\+\\([0-9\\.\\:\\*]\\+\\).\\+\\ \\([[:digit:]]*\\/[[:alnum:]\\-]*\\).*/\\1 \\2 == \\3 == \\4 \\5/' | sort -k 4 -g | sed 's/ == \\(.*\\) ==/:\\1/' | sed 1,2d",
         "alias": "netstat listening ports",
         "ignore_binaries": "no",
-        "target": ["agent"],
+        "target": [
+          "agent"
+        ],
         "frequency": 360
       },
       {
         "logformat": "full_command",
         "command": "last -n 20",
         "alias": "last -n 20",
         "ignore_binaries": "no",
-        "target": ["agent"],
+        "target": [
+          "agent"
+        ],
         "frequency": 360
       },
       {
         "file": "/var/log/test.log",
         "logformat": "syslog",
         "ignore_binaries": "no",
         "only-future-events": "yes",
-        "target": ["agent"]
+        "target": [
+          "agent"
+        ]
       },
       {
         "file": "/var/log/nginx/access.log",
         "logformat": "apache",
         "ignore_binaries": "no",
         "only-future-events": "yes",
-        "target": ["agent"]
+        "target": [
+          "agent"
+        ]
       },
       {
         "file": "/var/log/nginx/error.log",
         "logformat": "apache",
         "ignore_binaries": "no",
         "only-future-events": "yes",
-        "target": ["agent"]
+        "target": [
+          "agent"
+        ]
       },
       {
         "file": "/var/ossec/logs/active-responses.log",
         "logformat": "syslog",
         "ignore_binaries": "no",
         "only-future-events": "yes",
-        "target": ["agent"]
+        "target": [
+          "agent"
+        ]
       },
       {
         "file": "/var/log/auth.log",
         "logformat": "syslog",
         "ignore_binaries": "no",
         "only-future-events": "yes",
-        "target": ["agent"]
+        "target": [
+          "agent"
+        ]
       },
       {
         "file": "/var/log/syslog",
         "logformat": "syslog",
         "ignore_binaries": "no",
         "only-future-events": "yes",
-        "target": ["agent"]
+        "target": [
+          "agent"
+        ]
       },
       {
         "file": "/var/log/dpkg.log",
         "logformat": "syslog",
         "ignore_binaries": "no",
         "only-future-events": "yes",
-        "target": ["agent"]
+        "target": [
+          "agent"
+        ]
       },
       {
         "file": "/var/log/kern.log",
         "logformat": "syslog",
         "ignore_binaries": "no",
         "only-future-events": "yes",
-        "target": ["agent"]
+        "target": [
+          "agent"
+        ]
+      },
+      {
+        "channel": "Application",
+        "logformat": "eventlog",
+        "ignore_binaries": "no",
+        "target": [
+          "agent"
+        ]
+      },
+      {
+        "channel": "Security",
+        "logformat": "eventchannel",
+        "query": {
+          "value": "Event/System[EventID != 5145 and EventID != 5156 and EventID != 5447 and EventID != 4656 and EventID != 4658 and EventID != 4663 and EventID != 4660 and EventID != 4670 and EventID != 4690 and EventID != 4703 and EventID != 4907]"
+        },
+        "ignore_binaries": "no",
+        "only-future-events": "yes",
+        "target": [
+          "agent"
+        ],
+        "reconnect_time": 5
+      },
+      {
+        "channel": "System",
+        "logformat": "eventlog",
+        "ignore_binaries": "no",
+        "target": [
+          "agent"
+        ]
+      },
+      {
+        "file": "active-response\\active-responses.log",
+        "logformat": "syslog",
+        "ignore_binaries": "no",
+        "only-future-events": "yes",
+        "target": [
+          "agent"
+        ]
+      },
+      {
+        "channel": "Microsoft-Windows-Sysmon/Operational",
+        "logformat": "eventchannel",
+        "ignore_binaries": "no",
+        "only-future-events": "yes",
+        "target": [
+          "agent"
+        ],
+        "reconnect_time": 5
+      },
+      {
+        "channel": "Microsoft-Windows-Windows Defender/Operational",
+        "logformat": "eventchannel",
+        "ignore_binaries": "no",
+        "only-future-events": "yes",
+        "target": [
+          "agent"
+        ],
+        "reconnect_time": 5
+      },
+      {
+        "file": "C:\\inetpub\\logs\\LogFiles\\W3SVC1\\u_ex240321.log",
+        "logformat": "iis",
+        "ignore_binaries": "no",
+        "only-future-events": "yes",
+        "target": [
+          "agent"
+        ]
       }
     ]
   },
   "error": 0
-}
+}