Merge branch '4.7.5' into merge-4.7.5-into-4.8.0
javimed committed May 22, 2024
2 parents 39b5b83 + 56179f5 commit 6eb1626
Showing 7 changed files with 133 additions and 16 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Expand Up @@ -66,6 +66,10 @@ All notable changes to this project will be documented in this file.
- Removed documentation for the ``allow-os`` vulnerability detection option. ([#7177](https://github.com/wazuh/wazuh-documentation/pull/7177))
- Removed the *Migrating from OSSEC* section. ([#7301](https://github.com/wazuh/wazuh-documentation/pull/7301))

## [v4.7.5]

- Support for Wazuh 4.7.5

## [v4.7.4]

- Support for Wazuh 4.7.4
1 change: 1 addition & 0 deletions source/_static/js/redirects.js
Expand Up @@ -113,6 +113,7 @@ newUrls['4.7'] = [
'/release-notes/release-4-7-2.html',
'/release-notes/release-4-7-3.html',
'/release-notes/release-4-7-4.html',
'/release-notes/release-4-7-5.html',
'/cloud-security/azure/posture-management.html',
'/cloud-security/gcp/posture-management.html',
'/cloud-security/gcp/instances.html',
73 changes: 60 additions & 13 deletions source/cloud-service/archive-data/access.rst
Expand Up @@ -14,28 +14,29 @@ To access your archive data, you need an AWS token that grants permission on the
See the :doc:`Wazuh Cloud CLI </cloud-service/cli/index>` section to learn how to list and download your archive data automatically.


The following example describes the steps to follow to list the files of your archive data:
Getting your API key and the AWS token
--------------------------------------

#. Obtain your Wazuh Cloud API key by following the steps outlined in the API :doc:`Authentication </cloud-service/apis/authentication>` section.

1. Before your start using the Wazuh Cloud API, you need an API key. To generate your API key, see the :ref:`Authentication <cloud_apis_auth>` section.

2. Use the ``POST /storage/token`` endpoint of the :cloud-api-ref:`Wazuh Cloud API <tag/storage>` to get the AWS token and access the archive data of a specific environment. In this example, we generate an AWS token valid for 3600 seconds for environment `0123456789ab`.
#. Use the :cloud-api-ref:`POST /storage/token <tag/storage>` API endpoint with your key to get a temporary AWS token. For example, the following request generates an AWS token valid for ``3600`` seconds that grants access to the environment archive data with ID ``012345678ab``.

.. code-block::
curl -XPOST https://api.cloud.wazuh.com/v2/storage/token -H "x-api-key: <YOUR_API_KEY>" -H "Content-Type: application/json" --data '
{
"environment_cloud_id": "0123456789ab",
"environment_cloud_id": "012345678ab",
"token_expiration": "3600"
}'
.. code-block:: console
:class: output
:emphasize-lines: 7-10
{
"environment_cloud_id": "0123456789ab",
"environment_cloud_id": "012345678ab",
"aws": {
"s3_path": "wazuh-cloud-cold-us-east-1/0123456789ab",
"s3_path": "wazuh-cloud-cold-us-east-1/012345678ab",
"region": "us-east-1",
"credentials": {
"access_key_id": "mUdT2dBjlHd...Gh7Ni1yZKR5If",
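Review bot: the sample environment ID changes from `0123456789ab` to `012345678ab` in the request body, the response and `s3_path`, which drops the `9` and leaves an 11-character ID. If the shortening is not intentional, keep `0123456789ab`; if it is, check that every other page still using the old ID is updated in the same change. In the new step text, "grants access to the environment archive data with ID" reads as if the ID belongs to the data; "the archive data of the environment with ID" is clearer.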
Expand All @@ -46,19 +47,65 @@ The following example describes the steps to follow to list the files of your ar
}
}
3. Using the AWS-CLI tool to list the files, add the token to the AWS credentials file ``~/.aws/credentials``.
Generating the AWS `wazuh_cloud_storage` profile
------------------------------------------------

Add the token to the AWS credentials file ``~/.aws/credentials``.

.. code-block:: console
:emphasize-lines: 4
[wazuh_cloud_storage]
aws_access_key_id = mUdT2dBjlHd...Gh7Ni1yZKR5If
aws_secret_access_key = qEzCk63a224...5aB+e4fC1BR0G
aws_session_token = MRg3t7HIuoA...4o4BXSAcPfUD8
4. Run the following command to list your files.
Listing archive data
---------------------

.. code-block:: console
$ aws --profile wazuh_cloud_storage --region us-east-1 s3 ls wazuh-cloud-cold-us-east-1/0123456789ab
This command lists the archive data files of the environment `012345678ab`.

.. code-block:: console
# aws --profile wazuh_cloud_storage --region us-east-1 s3 ls --recursive s3://wazuh-cloud-cold-us-east-1/012345678ab/
.. code-block:: none
:class: output
2024-04-19 17:50:06 493 012345678ab/output/alerts/2024/04/19/012345678ab_output_alerts_20240419T2050_VqaWCpX9oPfDkRpD.json.gz
2024-04-19 18:00:05 77759 012345678ab/output/alerts/2024/04/19/012345678ab_output_alerts_20240419T2100_kdBY42OvE9QJuiia.json.gz
Examples
--------

Downloading archive data – Multiple files
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This command downloads the archive data files of the environment ``012345678ab`` into the ``/home/test/`` directory.

.. code-block:: console
# aws --profile wazuh_cloud_storage --region us-east-1 s3 cp --recursive s3://wazuh-cloud-cold-us-east-1/012345678ab/ /home/test/
.. code-block:: none
:class: output
download: s3://wazuh-cloud-cold-us-east-1/012345678ab/output/alerts/2024/04/19/012345678ab_output_alerts_20240419T2050_VqaWCpX9oPfDkRpD.json.gz to output/alerts/2024/04/19/012345678ab_output_alerts_20240419T2050_VqaWCpX9oPfDkRpD.json.gz
download: s3://wazuh-cloud-cold-us-east-1/012345678ab/output/alerts/2024/04/19/012345678ab_output_alerts_20240419T2100_kdBY42OvE9QJuiia.json.gz to output/alerts/2024/04/19/012345678ab_output_alerts_20240419T2100_kdBY42OvE9QJuiia.json.gz
Downloading archive data – Single file
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This command downloads the ``012345678ab_output_alerts_20240419T2050_VqaWCpX9oPfDkRpD.json.gz`` file of the environment ``012345678ab`` into the directory ``/home/test``.

.. code-block:: console
# aws --profile wazuh_cloud_storage --region us-east-1 s3 cp --recursive s3://wazuh-cloud-cold-us-east-1/012345678ab/012345678ab_output_alerts_20240419T2050_VqaWCpX9oPfDkRpD.json.gz /home/test/
.. code-block:: none
:class: output
You now have access to your archive data.
download: s3://wazuh-cloud-cold-us-east-1/012345678ab/output/alerts/2024/04/19/012345678ab_output_alerts_20240419T2050_VqaWCpX9oPfDkRpD.json.gz to ./012345678ab_output_alerts_20240419T2050_VqaWCpX9oPfDkRpD.json.gz
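Review bot: the single-file download example at the end of this hunk does not match its own output. The command copies `s3://wazuh-cloud-cold-us-east-1/012345678ab/012345678ab_output_alerts_20240419T2050_VqaWCpX9oPfDkRpD.json.gz`, but the output, like the listing earlier in the hunk, shows the object under `012345678ab/output/alerts/2024/04/19/`, so the key in the command is missing that prefix. `--recursive` is also unnecessary for copying one object, and the destination is `/home/test/` while the output shows `./`. Suggest using the full key, dropping `--recursive`, and making the output path agree with the destination; the multiple-files output has the same destination mismatch, showing relative `output/alerts/` paths for a copy into `/home/test/`.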
10 changes: 7 additions & 3 deletions source/cloud-service/cli/index.rst
Expand Up @@ -88,10 +88,14 @@ This command generates an AWS token to access the archive data of the environmen
.. code-block:: none
:class: output
The following AWS credentials will be valid until 2021-05-07 13:45:24:
Environment Cloud ID: '012345678ab'
Region: 'us-east-1'
S3 path: 'wazuh-cloud-cold-us-east-1/012345678ab'
The following AWS credentials will be valid until 2024-04-22 13:55:27:
[wazuh_cloud_storage]
aws_access_key_id = A...Q
aws_secret_access_key = A...E
aws_access_key_id = A...M
aws_secret_access_key = L...0
aws_session_token = F...Q==
Listing archive data
2 changes: 2 additions & 0 deletions source/release-notes/index-4x.rst
Expand Up @@ -12,6 +12,7 @@ This section summarizes the most important features of each Wazuh 4.x release.
Wazuh version Release date
============================================= ====================
:doc:`4.8.0 </release-notes/release-4-8-0>` TBD
:doc:`4.7.5 </release-notes/release-4-7-5>` TBD
:doc:`4.7.4 </release-notes/release-4-7-4>` 29 April 2024
:doc:`4.7.3 </release-notes/release-4-7-3>` 4 March 2024
:doc:`4.7.2 </release-notes/release-4-7-2>` 10 January 2024
Expand Down Expand Up @@ -67,6 +68,7 @@ Wazuh version Release date
.. toctree::

4.8.0 Release notes <release-4-8-0>
4.7.5 Release notes <release-4-7-5>
4.7.4 Release notes <release-4-7-4>
4.7.3 Release notes <release-4-7-3>
4.7.2 Release notes <release-4-7-2>
1 change: 1 addition & 0 deletions source/release-notes/index.rst
Expand Up @@ -12,6 +12,7 @@ This section summarizes the most important features of each Wazuh release.
Wazuh version Release date
============================================== ====================
:doc:`4.8.0 </release-notes/release-4-8-0>` TBD
:doc:`4.7.5 </release-notes/release-4-7-5>` TBD
:doc:`4.7.4 </release-notes/release-4-7-4>` 29 April 2024
:doc:`4.7.3 </release-notes/release-4-7-3>` 4 March 2024
:doc:`4.7.2 </release-notes/release-4-7-2>` 10 January 2024
58 changes: 58 additions & 0 deletions source/release-notes/release-4-7-5.rst
@@ -0,0 +1,58 @@
.. Copyright (C) 2015, Wazuh, Inc.
.. meta::
:description: Wazuh 4.7.5 has been released. Check out our release notes to discover the changes and additions of this release.

4.7.5 Release notes - TBD
=========================

This section lists the changes in version 4.7.5. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.

What's new
----------

This release includes new features or enhancements as the following:

Wazuh manager
^^^^^^^^^^^^^

- `#23441 <https://github.com/wazuh/wazuh/pull/23441>`__ Added a database endpoint to recalculate the hash of agent groups.

Wazuh dashboard
^^^^^^^^^^^^^^^

- `#6687 <https://github.com/wazuh/wazuh-dashboard-plugins/pull/6687>`__ Added sanitization to custom branding SVG files.

Resolved issues
---------------

This release resolves known issues as the following:

Wazuh manager
^^^^^^^^^^^^^

=========================================================== =============
Reference Description
=========================================================== =============
`#23447 <https://github.com/wazuh/wazuh/pull/23447>`__ Fixed an issue in a cluster task where full group synchronization was constantly triggered.
`#23216 <https://github.com/wazuh/wazuh/pull/23216>`__ Fixed race condition when creating agent database files from a template.
=========================================================== =============

Wazuh agent
^^^^^^^^^^^

=========================================================== =============
Reference Description
=========================================================== =============
`#23468 <https://github.com/wazuh/wazuh/pull/23468>`__ Fixed segmentation fault in the logcollector multiline-regex configuration.
`#23543 <https://github.com/wazuh/wazuh/pull/23543>`__ Fixed crash in FIM module when processing paths with non UTF-8 characters.
=========================================================== =============

Changelogs
----------

More details about these changes are provided in the changelog of each component:

- `wazuh/wazuh <https://github.com/wazuh/wazuh/blob/v4.7.5/CHANGELOG.md>`__
- `wazuh/wazuh-dashboard <https://github.com/wazuh/wazuh-dashboard-plugins/blob/v4.7.5-2.8.0/CHANGELOG.md>`__
- `wazuh/wazuh-packages <https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.5>`__
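Review bot: the title "4.7.5 Release notes - TBD" and the `:description:` text "Wazuh 4.7.5 has been released" disagree while the release date is still a placeholder; either hold the "has been released" wording until the date is known or track the `TBD` so it is replaced before this page is published. When the date replaces `TBD` in the title, extend the `=` underline to at least the new title length. In the Changelogs list, the `wazuh/wazuh-dashboard` label links to the `wazuh-dashboard-plugins` repository, so the label should name the repository it points to.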
