Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Download shared files for agent groups dinamically #519

Merged
merged 23 commits into from Apr 29, 2018
Merged

Download shared files for agent groups dinamically #519

merged 23 commits into from Apr 29, 2018

Conversation

TJOSERAFAEL
Copy link
Contributor

@TJOSERAFAEL TJOSERAFAEL commented Apr 9, 2018
edited

…and agents.

To use this new feature put a "files.yml" inside /var/ossec/etc/shared
This file will be parsed every time we restart the manager.

An example of the files.yml file:

groups:
  default:
    files:
      agent.conf: http://example.com/agent.conf
      rootcheck.txt: https://example.com/rootcheck.txt
      merged.mg: http://example.com/merged.mg
    poll: 15

  mygroup2:
    files:
      agent.conf: http://example.com/agent.conf
    poll: 200

agents:
  001: default
  002: group_test

If a group contains merged.mg file the manager will push it to the agents belonging to the specified group.

In the agents: section we can assign a group to specific agents if the group the belong is the "default" group.
For example when we register an agent at first it belongs to the default group. If we assign the agent to another group in the agents: section, the configuration for that group will be pushed to that agent.

If we have errors on the yaml file, we can spot them by looking at the /var/ossec/logs/ossec.log file

@vikman90
Copy link
Member

This PR is related to issue #468.

@vikman90 vikman90 added this to To do in Wazuh 3.5 via automation Apr 12, 2018
@vikman90 vikman90 self-assigned this Apr 12, 2018
@vikman90 vikman90 added the type/enhancement New feature or request label Apr 12, 2018
@vikman90 vikman90 moved this from To do to In progress in Wazuh 3.5 Apr 16, 2018
@vikman90 vikman90 moved this from In progress to To do in Wazuh 3.5 Apr 16, 2018
@vikman90 vikman90 mentioned this pull request Apr 17, 2018
Closed
@vikman90 vikman90 force-pushed the dev-download-shared-files branch 2 times, most recently from 6413dba to 7d17d78 Compare April 26, 2018 08:35
@vikman90 vikman90 moved this from To do to In progress in Wazuh 3.5 Apr 28, 2018
@vikman90 vikman90 force-pushed the dev-download-shared-files branch 4 times, most recently from b373b09 to f0ae62e Compare April 28, 2018 23:38
@vikman90
Copy link
Member

vikman90 commented Apr 29, 2018
edited

  • Prevent depending on autoconf, automake or libtool.
  • Enable compilation for Windows agents.
  • Enable compilation for macOS.
  • Enable compilation for BSD.
  • Enable compilation for Solaris 11.
  • Attempt to reload YML file once per loop, not once per group.
  • Try to exclude libyaml and libcurl from agents.

@vikman90 vikman90 merged commit 40d4e98 into master Apr 29, 2018
Wazuh 3.5 automation moved this from In progress to Done Apr 29, 2018
@vikman90 vikman90 deleted the dev-download-shared-files branch April 29, 2018 03:16
@vikman90 vikman90 changed the title Implemented feature for downloading shared files for multiple groups … Download shared files for agent groups dinamically May 1, 2018
@jesuslinares
Copy link
Contributor

Hi guys,

That syntax is not YML:

  • Settings must not be variable ("rootcheck.txt", "merged.mg", etc.).
  • List members are denoted by a leading hyphen (-) with one member per line, or enclosed in square brackets ([ ]) and separated by comma space (, ).
  • https://en.wikipedia.org/wiki/YAML#Syntax

In addition, it is not descriptive:

  • files.yml should be changed for something more auto-descriptive.
  • If "merged" is present, the other files will be ignored. I recommend using different settings and show a warning if both settings are used at the same time.

Example:

group-configurations:
  - name: group-default
    download_files:
      - name: agent.conf
        url: http://example.com/agent.conf
      - name: rootcheck.txt
        url: https://example.com/rootcheck.txt
    download_merge: http://example.com/merged.mg
    poll: 15

  - name: group-mygroup2
    download_files:
      - name: agent.conf
        url: http://example.com/agent.conf
    poll: 200

group-assignments:
  - agent_id: 001
    group: default

  - agent_id: 002
    group: group_test

Regards,
Jesus.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vikman90 vikman90 vikman90 approved these changes

Assignees

@vikman90 vikman90

Labels
type/enhancement New feature or request
Projects
No open projects
Wazuh 3.5
  
Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@TJOSERAFAEL @vikman90 @jesuslinares