Merge branch '4.4' into 5957-images-update-4.4.0-seo-3

Dockerfile

@@ -7,8 +7,8 @@ FROM python:3.7-alpine
 
 COPY --chown=1000:1000 requirements.txt ./
 
-RUN python -m pip install --requirement requirements.txt && python -m pip install sphinx-autobuild==0.7.1
+RUN python -m pip install --requirement requirements.txt && python -m pip install sphinx-autobuild==2021.3.14
 
 EXPOSE 8000
 
-CMD ["sphinx-autobuild", "--host", "0.0.0.0", "--ignore","*.tmp","--port", "8000", "/home/python/docs", "/home/python/build/html"]
+CMD ["sphinx-autobuild", "--host", "0.0.0.0", "--ignore","*.tmp", "--ignore","**/*.min.*","--port", "8000", "/home/python/docs", "/home/python/build/html"]

source/_static/js/redirects.js

@@ -75,6 +75,51 @@ removedUrls['x.y'] = [
 /* Redirections from 4.3 to 4.4  */
 
 redirections.push(
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/auditing-whodata/index.html',
+      '4.4': '/user-manual/capabilities/file-integrity/advanced-settings.html#who-data-monitoring',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/auditing-whodata/who-linux.html',
+      '4.4': '/user-manual/capabilities/file-integrity/advanced-settings.html#who-data-monitoring-on-linux',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/auditing-whodata/who-windows.html',
+      '4.4': '/user-manual/capabilities/file-integrity/advanced-settings.html#who-data-monitoring-in-windows',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/auditing-whodata/who-windows-policies.html',
+      '4.4': '/user-manual/capabilities/file-integrity/advanced-settings.html#manual-configuration-of-the-local-audit-policies-in-windows',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/file-integrity/fim-configuration.html',
+      '4.4': '/user-manual/capabilities/file-integrity/index.html',
+    },  
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/file-integrity/fim-fields-rule-mapping.html',
+      '4.4': '/user-manual/capabilities/file-integrity/index.html',
+    }, 
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/antiflooding.html',
+      '4.4': '/user-manual/agents/antiflooding.html',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/labels.html',
+      '4.4': '/user-manual/agents/labels.html',
+    },  
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/fluent-forwarder.html',
+      '4.4': '/user-manual/manager/fluent-forwarder.html',
+    },
     {
       'target': ['4.3=>4.4', '4.4=>4.3'],
       '4.3': '/amazon/services/supported-services/alb.html',
@@ -94,8 +139,63 @@ redirections.push(
       'target': ['4.3=>4.4', '4.4=>4.3'],
       '4.3': '/user-manual/capabilities/agent-key-polling.html',
       '4.4': '/user-manual/agents/key-request.html',
-    }
-);
+    },
+    {
+      'target': ['4.3=>4.4'],
+      '4.3': '/user-manual/capabilities/wazuh-logtest/index.html',
+      '4.4': '/user-manual/ruleset/testing.html',
+    },
+    {
+      'target': ['4.3=>4.4'],
+      '4.3': '/user-manual/capabilities/wazuh-logtest/how-it-works.html',
+      '4.4': '/user-manual/ruleset/testing.html',
+    },
+    {
+      'target': ['4.3=>4.4'],
+      '4.3': '/user-manual/capabilities/wazuh-logtest/logtest-configuration.html',
+      '4.4': '/user-manual/ruleset/testing.html#configuration',
+    },
+    {
+      'target': ['4.3=>4.4'],
+      '4.3': '/user-manual/capabilities/wazuh-logtest/logtest-faq.html',
+      '4.4': '/user-manual/ruleset/testing.html',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/syscollector.html',
+      '4.4': '/user-manual/capabilities/system-inventory/index.html',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/syscollector.html#how-it-works',
+      '4.4': '/user-manual/capabilities/system-inventory/how-it-works.html',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/syscollector.html#available-scans',
+      '4.4': '/user-manual/capabilities/system-inventory/available-inventory-fields.html',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/syscollector.html#compatibility-matrix',
+      '4.4': '/user-manual/capabilities/system-inventory/compatibility-matrix.html',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/syscollector.html#using-syscollector-information-to-trigger-alerts',
+      '4.4': '/user-manual/capabilities/system-inventory/using-syscollector-information-to-trigger-alerts.html',
+    },
+    {
+      'target': ['4.3=>4.4', '4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/syscollector.html#use-case-visualize-system-inventory-in-the-wazuh-app',
+      '4.4': '/user-manual/capabilities/system-inventory/viewing-system-inventory-data.html',
+    },
+    {
+      'target': ['4.4=>4.3'],
+      '4.3': '/user-manual/capabilities/syscollector.html#use-case-visualize-system-inventory-in-the-wazuh-app',
+      '4.4': '/user-manual/capabilities/system-inventory/configuration.html',
+    },
+  );
 
 /* Pages added in 4.4 */
 
@@ -110,6 +210,9 @@ newUrls['4.4'] = [
   '/azure/activity-services/prerequisites/dependencies.html',
   '/user-manual/wazuh-dashboard/custom-branding.html',
   '/release-notes/release-4-4-0.html',
+  '/release-notes/release-4-4-1.html',
+  '/release-notes/release-4-4-2.html',
+  '/release-notes/release-4-4-3.html',
   '/nist/index.html',
   '/nist/visualization-and-dashboard.html',
   '/nist/log-data-analysis.html',
@@ -120,6 +223,34 @@ newUrls['4.4'] = [
   '/nist/vulnerability-detection.html',
   '/nist/active-response.html',
   '/nist/threat-intelligence.html',
+  '/user-manual/agents/antiflooding.html',
+  '/user-manual/agents/labels.html',
+  '/user-manual/manager/fluent-forwarder.html',
+  '/user-manual/capabilities/file-integrity/basic-settings.html',
+  '/user-manual/capabilities/file-integrity/how-to-configure-fim.html',
+  '/user-manual/capabilities/file-integrity/interpreting-fim-module-analysis.html',
+  '/user-manual/capabilities/file-integrity/creating-custom-fim-rules.html',   
+  '/user-manual/capabilities/file-integrity/advanced-settings.html',
+  '/user-manual/capabilities/file-integrity/use-cases/index.html',
+  '/user-manual/capabilities/file-integrity/use-cases/detecting-malware-persistence-technique.html',
+  '/user-manual/capabilities/file-integrity/use-cases/detecting-account-manipulation.html',
+  '/user-manual/capabilities/file-integrity/use-cases/monitoring-files-at-specific-intervals.html',
+  '/user-manual/capabilities/file-integrity/use-cases/reporting-file-changes.html',
+  '/user-manual/capabilities/file-integrity/use-cases/monitoring-configuration-changes.html',
+  '/user-manual/capabilities/file-integrity/windows-registry-monitoring.html',
+  '/user-manual/capabilities/system-inventory/index.html',
+  '/user-manual/capabilities/system-inventory/how-it-works.html',
+  '/user-manual/capabilities/system-inventory/viewing-system-inventory-data.html',
+  '/user-manual/capabilities/system-inventory/generating-system-inventory-reports.html',
+  '/user-manual/capabilities/system-inventory/available-inventory-fields.html',
+  '/user-manual/capabilities/system-inventory/compatibility-matrix.html',
+  '/user-manual/capabilities/system-inventory/using-syscollector-information-to-trigger-alerts.html',
+  '/user-manual/capabilities/system-inventory/configuration.html',
+  '/user-manual/capabilities/system-calls-monitoring/use-cases/index.html',
+  '/user-manual/capabilities/system-calls-monitoring/use-cases/monitoring-file-and-directory-access.html',
+  '/user-manual/capabilities/system-calls-monitoring/use-cases/monitoring-commands-run-as-root.html',
+  '/user-manual/capabilities/system-calls-monitoring/use-cases/privilege-abuse.html',
+  '/user-manual/capabilities/wazuh-archives.html',
 ];
 
 /* Pages removed in 4.4 */
@@ -142,6 +273,20 @@ removedUrls['4.4'] = [
   '/user-manual/securing-wazuh/elastic-stack.html',
   '/user-manual/wazuh-dashboard/rbac.html',
   '/learning-wazuh/build-lab/install-wazuh-central-components.html',
+  '/user-manual/capabilities/antiflooding.html',
+  '/user-manual/capabilities/labels.html',
+  '/user-manual/capabilities/fluent-forwarder.html',
+  '/user-manual/capabilities/wazuh-logtest/index.html',
+  '/user-manual/capabilities/wazuh-logtest/how-it-works.html',
+  '/user-manual/capabilities/wazuh-logtest/logtest-configuration.html',
+  '/user-manual/capabilities/wazuh-logtest/logtest-faq.html',
+  '/user-manual/capabilities/file-integrity/fim-configuration.html',
+  '/user-manual/capabilities/file-integrity/fim-fields-rule-mapping.html',
+  '/user-manual/capabilities/auditing-whodata/index.html',
+  '/user-manual/capabilities/auditing-whodata/who-linux.html',
+  '/user-manual/capabilities/auditing-whodata/who-windows.html',
+  '/user-manual/capabilities/auditing-whodata/who-windows-policies.html',  
+  '/user-manual/capabilities/syscollector.html',  
 ];
 
   /* *** RELEASE 4.3 ****/
@@ -194,6 +339,7 @@ newUrls['4.3'] = [
   '/release-notes/release-4-3-8.html',
   '/release-notes/release-4-3-9.html',
   '/release-notes/release-4-3-10.html',
+  '/release-notes/release-4-3-11.html',
   '/getting-started/use-cases/container-security.html',
   '/user-manual/agents/query-configuration.html',
   '/user-manual/agents/listing/wazuh-dashboard.html',

source/_templates/installations/basic/elastic/common/install_wazuh_kibana_plugin.rst

@@ -8,7 +8,7 @@
 
       .. code-block:: console
 
-        # sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-4.4.0_7.17.9-1.zip
+        # sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-4.4.2_7.17.9-1.zip
 
 
 
@@ -17,7 +17,7 @@
 
       .. code-block:: console
 
-        # sudo -u kibana /usr/share/kibana/bin/kibana-plugin install file:///path/wazuh_kibana-4.4.0_7.17.9-1.zip
+        # sudo -u kibana /usr/share/kibana/bin/kibana-plugin install file:///path/wazuh_kibana-4.4.2_7.17.9-1.zip
 
 
 

source/_themes/wazuh_doc_theme_v3/index.html

@@ -55,7 +55,7 @@
     <title>Wazuh documentation</title>
     <link rel="canonical" href="https://documentation.wazuh.com/current/index.html">
   </head>
-  <body>
+  <body data-release="{{ version }}">
     {% set index_redirect_js = get_js_by_page(pagename+'-redirect')[0] %}
     <script src="{{ pathto( index_redirect_js, 1) }}"></script>
   </body>

source/_themes/wazuh_doc_theme_v3/src/js-source/index-redirect.js

@@ -7,4 +7,5 @@ switch (document.location.protocol) {
   default:
     url = 'https://documentation.wazuh.com';
 }
-document.location = url + '/current/index.html';
+
+document.location = url + '/' + document.querySelector('body').getAttribute('data-release') + '/getting-started/index.html';

source/amazon/instances.rst

@@ -18,7 +18,7 @@ Thanks to the Wazuh agent, there are some capabilities available to monitor the
 - :doc:`File integrity monitoring </user-manual/capabilities/file-integrity/index>`
 - :doc:`/user-manual/capabilities/malware-detection/index`
 - :doc:`Security policy monitoring </user-manual/capabilities/policy-monitoring/index>`
-- :doc:`System inventory </user-manual/capabilities/syscollector>`
+- :doc:`System inventory </user-manual/capabilities/system-inventory/index>`
 - :doc:`Vulnerability detection </user-manual/capabilities/vulnerability-detection/index>`
 
 To learn more about the different Wazuh capabilities, check out :doc:`this section </user-manual/index>`.

source/amazon/services/prerequisites/dependencies.rst

@@ -18,7 +18,7 @@ Installing dependencies
 Python
 ------
 
-The AWS module requires Python 3. It is compatible with Python 3.6 to Python 3.9. Future Python releases should maintain compatibility although it cannot be guaranteed.
+The AWS module requires Python 3. It is compatible with Python 3.7 and above.
 
 .. tabs::
 
@@ -68,4 +68,4 @@ To install the dependencies, execute the following command:
 
 .. code-block:: console
 
-  # pip3 install boto3==1.17.85 botocore==1.20.85 jmespath==0.9.5 python-dateutil==2.8.1 six==1.14.0 urllib3==1.26.5 s3transfer==0.4.2
+  # pip3 install boto3==1.17.85 botocore==1.20.85 jmespath==0.9.5 python-dateutil==2.8.1 six==1.14.0 urllib3==1.26.5 s3transfer==0.4.2 pyarrow==8.0.0 numpy==1.21.6

source/amazon/services/supported-services/index.rst

@@ -10,6 +10,10 @@ Supported services
 
 All the services except ``Inspector Classic`` and ``CloudWatch Logs`` get their data from log files stored in an ``S3`` bucket. These services store their data into log files which are configured inside ``<bucket type='TYPE'> </bucket>`` tags, while ``Inspector Classic`` and ``CloudWatch Logs`` services are configured inside ``<service type='inspector'> </service>`` and ``<service type='cloudwatchlogs'> </service>`` tags, respectively.
 
+.. versionadded:: 4.4.2
+
+The ``<subscriber type='TYPE'> </subscriber>`` tags are added in order to obtain logs from ``Amazon Security Lake`` buckets.
+
 The next table contains the most relevant information about configuring each service in the ``ossec.conf`` file, as well as the path where the logs will be stored in the bucket if the corresponding service uses them as its storage medium:
 
 +--------------+----------------------------------------------------------+-----------------------+----------------+------------------------------------------------------------------------------------------------------------------+
@@ -45,6 +49,8 @@ The next table contains the most relevant information about configuring each ser
 +--------------+----------------------------------------------------------+-----------------------+----------------+------------------------------------------------------------------------------------------------------------------+
 | Amazon       | :ref:`Amazon ECR Image scanning <amazon_image_scanning>` | service               | cloudwatchlogs |                                                                                                                  |
 +--------------+----------------------------------------------------------+-----------------------+----------------+------------------------------------------------------------------------------------------------------------------+
+| Amazon       | :ref:`Amazon Security Lake <amazon_security_lake>`       | subscriber            | security_lake  |                                                                                                                  |
++--------------+----------------------------------------------------------+-----------------------+----------------+------------------------------------------------------------------------------------------------------------------+
 | Cisco        | :ref:`Umbrella <cisco_umbrella>`                         | bucket                | cisco_umbrella | <bucket_name>/<prefix>/<year>-<month>-<day>                                                                      |
 +--------------+----------------------------------------------------------+-----------------------+----------------+------------------------------------------------------------------------------------------------------------------+
 
@@ -66,3 +72,4 @@ The next table contains the most relevant information about configuring each ser
     ecr-image-scanning
     cisco-umbrella
     elastic-load-balancing/index
+    security-lake