Fix/graph single api 3239 #3256
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The Evolution graph in agents/ should display only the status of agents that belong to the selected API
Fixed issue where a manager whose name is a substring of another's would show data from both
2 tasks
Desvelao
requested changes
May 19, 2021
There was a problem hiding this comment.
PR requirements:
❌ Add the change to CHANGELOG.md
Test ❌
In an environment with:
2 managers nodes (1 master and 1 worker):
- Register an agent to the
workernode.
The indexed document has themanagerkey as the worker, so the filter bymanageris not useful to solve the issue if only filer by the name of one manager.
Possible solutions:
- Add to the visualization filters, the name of all manager nodes of the API. Something like:
{
"query": {
"terms": {
"manager.keyword": ["manager-master-node", "manager-worker-node1", "manager-worker-node2", etc...]
}
}
}
- Add to the document the
idof API. This will be a breaking change with the current data indexed to the document in the monitoring indices
This method requests the managers from the current API and extracts the unique occurence of each of the managers, returning a list of the names of all the managers the agents in the current API have. Also modified the filter in kibana-vis so it makes use of an array of managers instead of a single one.
|
I implemented the change suggested by @Desvelao and added a function to retrieve the list of managers from the current API to use it in the filter. The issue of multiple managers having the same name still exists |
Desvelao
reviewed
May 24, 2021
Comment on lines
97
to
102
| async getManagers() { | ||
| const agents = await WzRequest.apiReq('GET', '/agents', {}); | ||
| const managers = agents.data.data.affected_items.map((agent) => agent.manager); | ||
| const uniqueManagers = managers.reduce((unique,manager) => unique.includes(manager) ? unique : [...unique,manager], []); | ||
| return uniqueManagers; | ||
| } |
There was a problem hiding this comment.
This could cause bugs due to:
- The request is limited to the first 500 agents. If we need more agents, we need to paginate. It costs so much to get the managers.
- This could work if we get all agents because could exist an agent registered with other managers that are not returned with the request.
Maybe we could get the manager name with the next Wazuh API endpoint:
GET /agents/stats/distinct?fields=manager
instead of the GET /agents and build the unique values for manager.
I am not sure that happens if the user can't get the manager names? Should we offer this information in an endpoint that uses the internal Wazuh user defined by the host instead?
Desvelao
reviewed
May 24, 2021
Comment on lines
228
to
230
| should: this.props.managers.map((manager) => { | ||
| return {term: {"manager.keyword" : manager}} | ||
| }), |
There was a problem hiding this comment.
You could use the terms query instead of multiple term.
Seeing how the only way to find the complete list of managers is getting the complete list of agents, and this being possibly taxing on the API, the filter dependency has been switched to `cluster.name` Now the graph will conflict if 2 clusters share the same name instead of 2 managers.
|
Changed the filter so it search by cluster name. This means the conflict may arise now on clusters with same name instead of managers with same name |
Desvelao
reviewed
May 24, 2021
| @@ -51,6 +51,7 @@ export const AgentsPreview = compose( | |||
| super(props); | |||
| this.state = { data: [], loading: false, showAgentsEvolutionVisualization: false, agentTableFilters: [] }; | |||
| this.wazuhConfig = new WazuhConfig(); | |||
| this.managers = []; | |||
frankeros
added a commit
that referenced
this pull request
Jun 22, 2021
* Feature/remove module titles (#3160) * Remove module titles * Add popover to breadcrumb * Update changelog * Fix errors * Fix the broken links when using server.basePath Kibana setting (#3161) * fix(frontend): Fix broken link when use 'server.basePath` Kibana setting - Fix links in Wazuh breadcrumb - Fix some redirection links * feat(prettier): Added prettierrc config file. (#3168) * [Feature]: Add Wazuh help links as extension in Kibana help menu (#3170) * feat(frontend): Add Wazuh help links as an extension in Kibana help menu * fix(changelog): Add PR to changelog * fix(changelog): Fix PR number and link * fix(help-links): Replace component and removed color styles from Wazuh lunk in the Kibana help button * Fixing filter in reports (#3173) * Removed sha1 data and correct date format (#3189) * [FEATURE] Add redirect to group details using the URL (#3184) * feat(groups): Add redirect to group details using the URL - Redirect to group details when the URL contains group query param * doc(changelog): add missing changelog for #3189 * Fixed screen flickers in Cluster Visualization (#3159) * Modify the default settings related to monitoring indices creation (#3174) * fix(configuration): Changed WAZUH_MONITORING_DEFAULT_CREATION app setting from 'd' to 'w' (weekly) * fix(configuration): Replace wazuh.monitorin.creation from d to w (weekly) - Fixed cron.prefix setting * fix(monitoring): Set monitoring default indices shards to 1. Another fixes in configurations * fix(monitoring): fix wazuh.monitoring.shards value in the initail app configuration * doc(changelog): add missing changelogs * doc(changelog): remove duplicated changelogs * Bugfix default index patterns [Health-check] - 4.2 (#3232) * bugfix(health-check): Fixed creation of default index and added all section create and refresh index in heath-check. * fix: some bad behaviors * doc(changelog): add fix to changelog * fix: reject promise on error and refactor * fix: refactor required fields * feat: refactor const * Update CHANGELOG.md Co-authored-by: Franco Charriol <francocharriol@gmail.com> Co-authored-by: Franco Charriol <franco.charriol@wazuh.com> * Fix validation of list of valid index patterns for alerts (#3236) * Last changes from Tag 4.2.0 4201 (#3246) * Fixed fields overlap in the agent summary screen (#3217) * [Refactor] Health check (#3197) * refactor(healthcheck): Adapt the refactorized health check component to last changes - Added monitoring and statistics index patterns checks - Added logic to retry the checks with a refresh button - Apply the retry to API connection check - Export react services in index file - Create appConfig in the Redux store * feat(healtcheck): Replace health check initial state to waiting * fet(healthcheck): Add can retry to healthcheck checks * fix(menu): Fix error in toast from WzMenu and revome unnecessary return in PatternHandler * fix(health-check): Fix create index pattern when change the setting in Settings > Configuration and loop in health check * fix(health-check): renamed files from appConfig Redux actions and reducer * fix(frontend): Replace config singleton saving to Redux * fix(health-check): Fix infinite loop rendering component when a check is disabled in the configuration * fix(health-check): Rename health checks titles * fix(health-check): Fix the tests for Health check * refactor(health-check): Request changes, add max buckets check and some improvements - Request changes - Added the max buckets check when the component is mounted - Created the `useRootScope` hook - Improved the export in the HOCs and hooks index files - Removed the `lib` folder - Removed the `health-check` old component * Add modal to different sections (#3221) * Roles Mapping * Investigating problem with lifecylce * Created new mask and fix role mapping * Create and edit user * Create and edit roles * Edit policy * Polices edit and create * Management * Update Changelog * Change copyright * Fix errors * Feature Disable Wazuh by roles (#3222) * fix package name in add new agent (#3233) * fix index typo settings (#3234) * [Fix] Visualize button on Events (Discover component) (#3237) * fix(discover) Ser UiActions of the Discover plugin - This fixes the Visualize button was missing in the Discover sidebar when expanding a index field * add error when add sample data fails (#3241) * fix(navbar): Hide navbar wazuh label. (#3240) * Vulnerabilities inventory cleanup 3242 (#3243) * Removed check for active agent Now a list of vulnerabilities will be shown regardless of agent activity * Removed name from the top of the flyout Now only the CVE remains * added missing modules in agent menu (#3244) * Removed tooltip in last breadcrumb in header breadcrumb (#3250) * Improve api selector (#3175) * error adding selectors * added select api and select index pattern on menu * remove unused variables * error adding selectors * added select api and select index pattern on menu * remove unused variables * bugfix(apiSelector): Fixed index pattern selection, bad behavior when switching from navbar. * Added Popover when screen width is small * Changed popover icon * Resolved requested changes * Removed selectors in wazuh menu, removed margin in breadcrumb * Removed margins style in breadcrumb * Added tooltip in popover selectors button * fixed marginLeft syntax in breadcrumb * Fixed conditions to show selectors in popover * Fixed change API selector * Fixed selectors sizes * Update CHANGELOG.md Co-authored-by: gabiwassan <gabriel.wassan@wazuh.com> Co-authored-by: Ibarra Maximiliano <maximiliano.ibarra@wazuh.com> Co-authored-by: Franco Charriol <francocharriol@gmail.com> Co-authored-by: Franco Charriol <franco.charriol@wazuh.com> * Bugfix/3273 error check wazuh no security (#3292) * Fixed error in check-wazuh * updated CHANGELOG * fix(changelog): Moved PR number to a existent change Co-authored-by: Ibarra Maximiliano <maximiliano.ibarra@wazuh.com> Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> * Add validation form creating new rule/decoder (#3274) * Add modal when creating new rule * Update changelog * Change if/else * Change rest of if/else * Change flyout title * Fix error when saving a rule * Fix errors in PDF reports (#3272) * Remove dupicate subsection * Fix duplicate Who data * fix date format pdf * Fix width columns * Add changelog * Remove unused variable * Translate comments * Use camelCase * Removed unnecessary tabs * Transalate comments * fix(reporting): Replace array constructor * fix(changelog): Removed spaces in markdown links Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> * Fix typerror deploy new agent Safari 12 (#3289) * Fix unsupported function in Safari 12 * Update changelog Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> * Fix 3209/improving and removing WUI error logs (#3260) * Improving and removing WUI error logs * Fix * Added Changelog * Comment upgrades * Adding contant to tryCatchForIndexPermissionError * Fixes * More fixes and upgrades * fix(server): Moved a server log in /api/check-stored endpoint - Moved a server log in endpoint - Renamed variable in monitoring job * fix(monitoring): Replaced multiple try/catch block by one. Co-authored-by: Desvelao <iamdesvelao@gmail.com> Co-authored-by: Antonio <34042064+Desvelao@users.noreply.github.com> * Fix/graph single api 3239 (#3256) * Added filter for current api in kibana-vis The Evolution graph in agents/ should display only the status of agents that belong to the selected API * Fixed partial matches Fixed issue where a manager whose name is a substring of another's would show data from both * Added a getManagers method to agents preview This method requests the managers from the current API and extracts the unique occurence of each of the managers, returning a list of the names of all the managers the agents in the current API have. Also modified the filter in kibana-vis so it makes use of an array of managers instead of a single one. * Updated CHANGELOG * Changed the filter parameters from manager to cluster name Seeing how the only way to find the complete list of managers is getting the complete list of agents, and this being possibly taxing on the API, the filter dependency has been switched to `cluster.name` Now the graph will conflict if 2 clusters share the same name instead of 2 managers. * Applied formating and adjusted filter metadata * Added logic to pick a filter for manager or cluster when appropriate * fix(monitoring): Moved the filter of agents evolution visualization to KibanaVis Co-authored-by: Desvelao <iamdesvelao@gmail.com> * changelog: Fix changes in revision 4202 * [SCA] Fix the render of the checks in a SCA check (#3297) * fix(sca): Fix the render of the checks in a SCA check - Now display each check.rule * changelog: Add PR to changelog * add session token to rulest (#3257) * add session token to rulest * add changelog * fix code * fix packge json * bufix(logtest): Replaced request to get token. We have a token for this session on the return of the PUT logtest. * docs(changelog): Fixed format and messages * bugfix(logtest): Replaced promise.all, we need take token for the next request. * fix(logtest): Use the same token generated in the first request to another logs * fix(logtest): Add control when the token was gotten * fix(logtest): Fix variable when got the token * Added buttom to clear session in logtest and add control of logtest token to Redux * Update logtest.tsx * [Health check] Add logs with the details about the check (#3258) * feat(health-check): Add logs to the check of Health check - Add logs to checks - Add button to open/close the check logs - Add new section to Settings: Miscellaneous - Add control when the health chekc is run in `debug` mode (no redirection after cheks are ready) - Refactor some functions - Some ajustments to Settins secions related to spaces * fix(health-check): Fix health check redirection and update tests - Fix health check redirection when all checks are ready - Update health check tests * feat(health-check): Remove notification when opening the check logs and there is some check action * fix(health-check): Fix unknown error and added improvements to notifications - Fix unknown error after restart the cluster and try to pass the health check - Remove the notification dot of check details when open for first time - Display the check details button when there are logs - Updated the tests (snapshot and tests) * Remove status text. Improve styles. Small log text fix * Added animated codeblock transition * Fixed react warnings * Fixed animation style * Fixed unit test * Only show log button when error or debug mode * updated unit test snapshots * Fix typo * Update CHANGELOG.md * Adapt kibana integrations to public interfaces of saved objects for 7.11/7.12 (#3309) * fix: update kibana-discover and kibana-vis to 7.11 public interfaces * update[changelog]: add to changelog * fix: remove comment code * Fix alerts summary reports (#3303) * Fix some alerts summary reports * Fix date CIS CAT module * Disabled index pattern checks in Healthcheck (#3311) * feat(health-check): Add logs to the check of Health check - Add logs to checks - Add button to open/close the check logs - Add new section to Settings: Miscellaneous - Add control when the health chekc is run in `debug` mode (no redirection after cheks are ready) - Refactor some functions - Some ajustments to Settins secions related to spaces * fix(health-check): Fix health check redirection and update tests - Fix health check redirection when all checks are ready - Update health check tests * feat(health-check): Remove notification when opening the check logs and there is some check action * fix(health-check): Fix unknown error and added improvements to notifications - Fix unknown error after restart the cluster and try to pass the health check - Remove the notification dot of check details when open for first time - Display the check details button when there are logs - Updated the tests (snapshot and tests) * Remove status text. Improve styles. Small log text fix * Added animated codeblock transition * Fixed react warnings * Fixed animation style * Fixed unit test * Only show log button when error or debug mode * updated unit test snapshots * Fix typo * Disabled index pattern checks * Updated CHANGELOG * Removed awaitFor, fixed title, and label * Changed some services names * fix: refactor architecture and remove unnecessary checks * fix error agent view does not render correctly (#3306) * fix error agent view does not render correctly * update CHANGELOG.md * add new file .scss and functions declarations * prettier * Fix visualizations with dark mode background in PDF report (#3315) * Normalize visData table property for 7.12 retro-compatibility (#3323) * Use the longest value in column to get column width in PDF report tables (#3326) * Use the longest value in column to get column width * Added changelog * Improved code readability * New attributes added for integration testing (#3331) * New attributes added for integration testing * New constants added for integration testing * Added new constants files for cypress * updated selectors and atributes * Hide Wazuh breadcrumb label and Wazuh api selector css fix (#3347) * Change css breadcrumb selector + Wazuh api selector css fix * Fix/elastic UI upgrade breaking changes in 7.11 and 7.12 3318 (#3345) * Added required legend to EuiButtonGroup component * Removed deprecated withTitle on EuiPopover component * Added changelog * Improved code readability * Fix error due short graphs (#3349) * Changed the way of hiding unloaded charts by setting them to display: none instead of height * Updated changelog * Applied prettier and moved logical operations outside render return to improve legibility * Fixed a typo in changelog * Fix/3320 visualization label overlap (#3355) * Refactor of visualization definitions For each visualization, for each attribute that was a string of a JSON object, they were converted to an object inside a `JSON.stringify()` and applied the formatter in order to make them easier to read and maintain. * Added a filter true to all the line, area and histogram visualizations This should prevent any labels from ever overlapping at low widths * Fix export to csv table button 7.11 & 7.12 (#3358) * Refactor of visualization definitions For each visualization, for each attribute that was a string of a JSON object, they were converted to an object inside a `JSON.stringify()` and applied the formatter in order to make them easier to read and maintain. * Added a filter true to all the line, area and histogram visualizations This should prevent any labels from ever overlapping at low widths * Updated changelog * Added toolbar buttons to tables * Added changelog * Added changelog * Fixed changelog Co-authored-by: Manuel Gómez Castro <manuel.gomez@wazuh.com> * doc: add missing changelog for revision 4108 * doc: change 4.2.1 for revision 4202 * fix: move createGetter to common-services.ts * fix: update import for getErrorOrchestrator * fix: add Copyright comment in the new file Co-authored-by: Pablo Martínez <pablomarga@hotmail.com> Co-authored-by: Toni <34042064+Desvelao@users.noreply.github.com> Co-authored-by: Gabriel Wassan <gabriel.wassan@wazuh.com> Co-authored-by: Alejandro Cuéllar Peinado <alejandro.cuellar@wazuh.com> Co-authored-by: sortizowlh <47242022+sortizowlh@users.noreply.github.com> Co-authored-by: Federico Rodriguez <federico.rodriguez@wazuh.com> Co-authored-by: Ezequiel Airaudo <36004787+eze9252@users.noreply.github.com> Co-authored-by: mpRegalado <80431234+mpRegalado@users.noreply.github.com> Co-authored-by: Maximiliano Ibarra <maximilianoaibarra@gmail.com> Co-authored-by: Ibarra Maximiliano <maximiliano.ibarra@wazuh.com> Co-authored-by: Pablo Martínez <pablo.martinez@wazuh.com> Co-authored-by: Desvelao <iamdesvelao@gmail.com> Co-authored-by: Matias Ezequiel Moreno <49887871+matiasmoreno876@users.noreply.github.com> Co-authored-by: Manuel Gómez Castro <manuel.gomez@wazuh.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #3239
Filtered evolution of agents by manager
Added code to the Evolution graph so that it only shows agents for the currently selected manager.
Possible issues
The
wazuh-monitoring-*indexes only store info about the API by name. For cluster APIs, this name is the name of the cluster; for single manager APIs, this name is the name of the manager.Should two clusters or two independent managers have the same name, there wouldn't be enough unique information to identify which API they belong to and both would show on the graph.
Steps to reproduce
Visit the Agents section in the wazuh menu
Screenshots
Graph of the other API with the opposite situation