Fix wazuh.yml link and in-file documentation (#4378)

* Review Wazuh.yml documentation

Remove unused settings. Centralize documentation. Add missing settings. Programatic file generation.

* Add Changelog

* Fix indentation for hosts in the wazuh.yml

Also fixes some TS warnings

* Deep copy the WAZUH_DEFAULT_APP_CONFIG object

(cherry picked from commit 1d44109)

CHANGELOG.md

@@ -6,6 +6,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 
 ### Fixed
 
+- Wazuh.yml review: fixed link to web documentation, improved in-file documentation and fixed some grammatical errors. [#4378](https://github.com/wazuh/wazuh-kibana-app/pull/4378)
 - Fixed an error during the generation of a group's report, if the request to the Wazuh API fails [#4350](https://github.com/wazuh/wazuh-kibana-app/pull/4350)
 - Fixed a problem with the group's report, when the group has no agents [#4350](https://github.com/wazuh/wazuh-kibana-app/pull/4350)
 - Fixed path in logo customization section [#4352](https://github.com/wazuh/wazuh-kibana-app/pull/4352)

common/constants.ts

@@ -221,6 +221,7 @@ export const WAZUH_DEFAULT_APP_CONFIG = {
   hideManagerAlerts: false,
   'logs.level': 'info',
   'enrollment.dns': '',
+  'enrollment.password': '',
   'customization.logo.app': '',
   'customization.logo.sidebar': '',
   'customization.logo.healthcheck':'',

public/services/resolves/get-config.js

@@ -10,70 +10,10 @@
  * Find more information about this on the LICENSE file.
  */
 
-import {
-  WAZUH_ALERTS_PATTERN,
-  WAZUH_MONITORING_DEFAULT_INDICES_SHARDS,
-  WAZUH_MONITORING_DEFAULT_INDICES_REPLICAS,
-  WAZUH_MONITORING_PATTERN,
-  WAZUH_SAMPLE_ALERT_PREFIX,
-  WAZUH_STATISTICS_DEFAULT_INDICES_SHARDS,
-  WAZUH_STATISTICS_DEFAULT_INDICES_REPLICAS,
-} from "../../../common/constants";
+import { WAZUH_DEFAULT_APP_CONFIG } from '../../../common/constants';
 
 export async function getWzConfig($q, genericReq, wazuhConfig) {
-  // Remember to keep this values equal to default wazuh.yml values
-  const defaultConfig = {
-    pattern: WAZUH_ALERTS_PATTERN,
-    'checks.pattern': true,
-    'checks.template': true,
-    'checks.api': true,
-    'checks.setup': true,
-    'checks.fields': true,
-    'checks.metaFields': true,
-    'checks.timeFilter': true,
-    'checks.maxBuckets': true,
-    'extensions.pci': true,
-    'extensions.gdpr': true,
-    'extensions.hipaa': true,
-    'extensions.nist': true,
-    'extensions.tsc': true,
-    'extensions.audit': true,
-    'extensions.oscap': false,
-    'extensions.ciscat': false,
-    'extensions.aws': false,
-    'extensions.gcp': false,
-    'extensions.virustotal': false,
-    'extensions.osquery': false,
-    'extensions.docker': false,
-    'extensions.office': false,
-    'extensions.github': false,
-    timeout: 20000,
-    'ip.selector': true,
-    'ip.ignore': [],
-    'wazuh.monitoring.enabled': true,
-    'wazuh.monitoring.frequency': 900,
-    'wazuh.monitoring.shards': WAZUH_MONITORING_DEFAULT_INDICES_SHARDS,
-    'wazuh.monitoring.replicas': WAZUH_MONITORING_DEFAULT_INDICES_REPLICAS,
-    'wazuh.monitoring.creation': 'w',
-    'wazuh.monitoring.pattern': WAZUH_MONITORING_PATTERN,
-    'cron.prefix': 'wazuh',
-    'cron.statistics.status': true,
-    'cron.statistics.apis': [],
-    'cron.statistics.interval': '0 */5 * * * *',
-    'cron.statistics.index.name': 'statistics',
-    'cron.statistics.index.creation': 'w',
-    'cron.statistics.index.shards': WAZUH_STATISTICS_DEFAULT_INDICES_SHARDS,
-    'cron.statistics.index.replicas': WAZUH_STATISTICS_DEFAULT_INDICES_REPLICAS,
-    'alerts.sample.prefix': WAZUH_SAMPLE_ALERT_PREFIX,
-    hideManagerAlerts: false,
-    'logs.level': 'info',
-    'enrollment.dns': '',
-    'enrollment.password': '',
-    'customization.logo.app':'',
-    'customization.logo.sidebar':'',
-    'customization.logo.healthcheck':'',
-    'customization.logo.reports':''
-  };
+  const defaultConfig = { ...WAZUH_DEFAULT_APP_CONFIG };
 
   try {
     const config = await genericReq.request('GET', '/utils/configuration', {});

public/utils/config-equivalences.js

@@ -1,11 +1,11 @@
 import { ASSETS_PUBLIC_URL, PLUGIN_PLATFORM_NAME } from "../../common/constants";
 
 export const configEquivalences = {
-  pattern: 'Default index pattern to use on the app.',
-  'customization.logo.app':`Define the name of the app logo saved in the path ${ASSETS_PUBLIC_URL}`,
-  'customization.logo.sidebar':`Define the name of the sidebar logo saved in the path ${ASSETS_PUBLIC_URL}`,
-  'customization.logo.healthcheck':`Define the name of the health-check logo saved in the path ${ASSETS_PUBLIC_URL}`,
-  'customization.logo.reports':`Define the name of the reports logo (.png) saved in the path ${ASSETS_PUBLIC_URL}`,
+  pattern: "Default index pattern to use on the app. If there's no valid index pattern, the app will automatically create one with the name indicated in this option.",
+  'customization.logo.app':`Set the name of the app logo stored at ${ASSETS_PUBLIC_URL}`,
+  'customization.logo.sidebar':`Set the name of the sidebar logo stored at ${ASSETS_PUBLIC_URL}`,
+  'customization.logo.healthcheck':`Set the name of the health-check logo stored at ${ASSETS_PUBLIC_URL}`,
+  'customization.logo.reports':`Set the name of the reports logo (.png) stored at ${ASSETS_PUBLIC_URL}`,
   'checks.pattern':
     'Enable or disable the index pattern health check when opening the app.',
   'checks.template':
@@ -23,6 +23,9 @@ export const configEquivalences = {
       `Change the default value of the ${PLUGIN_PLATFORM_NAME} max buckets configuration`,
   'extensions.pci': 'Enable or disable the PCI DSS tab on Overview and Agents.',
   'extensions.gdpr': 'Enable or disable the GDPR tab on Overview and Agents.',
+  'extensions.hipaa': 'Enable or disable the HIPAA tab on Overview and Agents.',
+  'extensions.nist': 'Enable or disable the NIST 800-53 tab on Overview and Agents.',
+  'extensions.tsc': 'Enable or disable the TSC tab on Overview and Agents.',
   'extensions.audit': 'Enable or disable the Audit tab on Overview and Agents.',
   'extensions.oscap':
     'Enable or disable the Open SCAP tab on Overview and Agents.',
@@ -38,41 +41,43 @@ export const configEquivalences = {
   'extensions.docker':
     'Enable or disable the Docker listener tab on Overview and Agents.',
   timeout:
-    'Defines the maximum time the app will wait for an API response when making requests to it.',
+    'Maximum time, in milliseconds, the app will wait for an API response when making requests to it. It will be ignored if the value is set under 1500 milliseconds.',
   'ip.selector':
-    'Defines if the user is allowed to change the selected index pattern directly from the top menu bar.',
+    'Define if the user is allowed to change the selected index pattern directly from the top menu bar.',
   'ip.ignore':
     'Disable certain index pattern names from being available in index pattern selector from the Wazuh app.',
   'wazuh.monitoring.enabled':
     'Enable or disable the wazuh-monitoring index creation and/or visualization.',
   'wazuh.monitoring.frequency':
-    'Define in seconds the frequency the app generates a new document on the wazuh-monitoring index.',
+    'Frequency, in seconds, of API requests to get the state of the agents and create a new document in the wazuh-monitoring index with this data.',
   'wazuh.monitoring.shards':
     'Define the number of shards to use for the wazuh-monitoring-* indices.',
   'wazuh.monitoring.replicas':
     'Define the number of replicas to use for the wazuh-monitoring-* indices.',
   'wazuh.monitoring.creation':
-    'Define the interval in which the wazuh-monitoring index will be created.',
+    'Define the interval in which a new wazuh-monitoring index will be created.',
   'wazuh.monitoring.pattern':
-    'Default index pattern to use on the app for Wazuh monitoring.',
+    'Default index pattern to use for Wazuh monitoring.',
   hideManagerAlerts:
-    'Hide the alerts of the manager in all dashboards.',
+    'Hide the alerts of the manager in every dashboard.',
   'logs.level':
-    'Set the app logging level, allowed values are info and debug. Default is info.',
+    'Logging level of the App.',
   'enrollment.dns':
-    'Set the Wazuh server address in the agent deployment.',
+    'Specifies the Wazuh registration server, used for the agent enrollment.',
+  'enrollment.password':
+    'Specifies the password used to authenticate during the agent enrollment.',
   'cron.prefix':
     'Define the index prefix of predefined jobs.',
   'cron.statistics.status':
     'Enable or disable the statistics tasks.',
   'cron.statistics.apis':
-    'Enter the ID of the APIs you want to save data from, leave this empty to run the task on all configured APIs.',
+    'Enter the ID of the hosts you want to save data from, leave this empty to run the task on every host.',
   'cron.statistics.interval': 'Define the frequency of task execution using cron schedule expressions.',
-  'cron.statistics.index.name': 'Define the name of the index in which the documents are to be saved.',
-  'cron.statistics.index.creation': 'Define the interval in which the index will be created.',
+  'cron.statistics.index.name': 'Define the name of the index in which the documents will be saved.',
+  'cron.statistics.index.creation': 'Define the interval in which a new index will be created.',
   'cron.statistics.index.shards': 'Define the number of shards to use for the statistics indices.',
   'cron.statistics.index.replicas': 'Define the number of replicas to use for the statistics indices.',
-  'alerts.sample.prefix': 'Define the index name prefix of sample alerts. It must match with the template used by the index pattern to avoid unknown fields in dashboards.',
+  'alerts.sample.prefix': 'Define the index name prefix of sample alerts. It must match the template used by the index pattern to avoid unknown fields in dashboards.',
 };
 
 export const nameEquivalence = {

server/controllers/wazuh-hosts.ts

@@ -10,15 +10,26 @@
  * Find more information about this on the LICENSE file.
  */
 
+import {
+  OpenSearchDashboardsRequest,
+  RequestHandlerContext,
+  OpenSearchDashboardsResponseFactory,
+} from 'src/core/server';
+import {
+  PLUGIN_PLATFORM_INSTALLATION_USER,
+  PLUGIN_PLATFORM_INSTALLATION_USER_GROUP,
+  PLUGIN_PLATFORM_NAME,
+  WAZUH_DATA_PLUGIN_PLATFORM_BASE_ABSOLUTE_PATH,
+} from '../../common/constants';
+import { APIUserAllowRunAs } from '../lib/cache-api-user-has-run-as';
+import { ErrorResponse } from '../lib/error-response';
+import { log } from '../lib/logger';
 import { ManageHosts } from '../lib/manage-hosts';
 import { UpdateRegistry } from '../lib/update-registry';
-import { log } from '../lib/logger';
-import { ErrorResponse } from '../lib/error-response';
-import { APIUserAllowRunAs } from '../lib/cache-api-user-has-run-as';
-import { OpenSearchDashboardsRequest, RequestHandlerContext, OpenSearchDashboardsResponseFactory } from 'src/core/server';
-import { WAZUH_DATA_PLUGIN_PLATFORM_BASE_ABSOLUTE_PATH, PLUGIN_PLATFORM_INSTALLATION_USER, PLUGIN_PLATFORM_INSTALLATION_USER_GROUP, PLUGIN_PLATFORM_NAME } from '../../common/constants';
 
 export class WazuhHostsCtrl {
+  manageHosts: ManageHosts;
+  updateRegistry: UpdateRegistry;
   constructor() {
     this.manageHosts = new ManageHosts();
     this.updateRegistry = new UpdateRegistry();
@@ -34,7 +45,7 @@ export class WazuhHostsCtrl {
   async getHostsEntries(context: RequestHandlerContext, request: OpenSearchDashboardsRequest, response: OpenSearchDashboardsResponseFactory) {
     try {
       const removePassword = true;
-      const hosts = await this.manageHosts.getHosts(removePassword);
+      const hosts = await this.manageHosts.getHosts();
       const registry = await this.updateRegistry.getHosts();
       const result = await this.joinHostRegistry(hosts, registry, removePassword);
       return response.ok({