Store CIS-CAT results into Wazuh DB #568

Closed
wants to merge 6 commits into
base: master
from

chemamartinez commented Apr 24, 2018

A new table has been added to the agent databases to store the CIS-CAT summary information of each scan.

An example of the stored data:

sqlite> select * from ciscat_results;
id|scan_id|scan_time|benchmark|pass|fail|error|notchecked|unknown|score
1|253746112|2018-04-23T08:51:36.614-07:00|CIS Ubuntu Linux 16.04 LTS Benchmark|93|60|0|67|0|61
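
An added example (not code from this pull request or from Wazuh): it stores summary rows in the format shown above in a SQLite table with the same column names, then reports benchmarks whose score dropped between the two most recent scans. The column types, the second sample row and the function names are assumptions.

```python
import sqlite3

# Column names come from the sqlite output above; the column types are assumed.
SCHEMA = """CREATE TABLE ciscat_results (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    scan_id INTEGER, scan_time TEXT, benchmark TEXT,
    pass INTEGER, fail INTEGER, error INTEGER,
    notchecked INTEGER, unknown INTEGER, score INTEGER)"""
COLUMNS = ("scan_id", "scan_time", "benchmark", "pass", "fail",
           "error", "notchecked", "unknown", "score")

def store_summary(db, line):
    """Parse one pipe-delimited summary row (id column included) and insert it."""
    fields = line.strip().split("|")
    if len(fields) != len(COLUMNS) + 1:
        raise ValueError("expected %d fields, got %d" % (len(COLUMNS) + 1, len(fields)))
    scan_id, scan_time, benchmark = int(fields[1]), fields[2], fields[3]
    counts = [int(f) for f in fields[4:]]  # rejects non-numeric counters
    # Bound parameters keep a benchmark name containing quotes from altering the SQL.
    db.execute("INSERT INTO ciscat_results (%s) VALUES (%s)"
               % (", ".join(COLUMNS), ", ".join("?" * len(COLUMNS))),
               [scan_id, scan_time, benchmark] + counts)

def regressions(db):
    """Return (benchmark, previous_score, latest_score) where the score dropped."""
    out = []
    names = db.execute("SELECT DISTINCT benchmark FROM ciscat_results ORDER BY benchmark").fetchall()
    for (benchmark,) in names:
        # Assumes a higher id means a more recent scan.
        rows = db.execute("SELECT score FROM ciscat_results WHERE benchmark = ? "
                          "ORDER BY id DESC LIMIT 2", (benchmark,)).fetchall()
        if len(rows) == 2 and rows[0][0] < rows[1][0]:
            out.append((benchmark, rows[1][0], rows[0][0]))
    return out

def demo():
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    # First row is the one shown in the pull request; the second is constructed.
    store_summary(db, "1|253746112|2018-04-23T08:51:36.614-07:00|"
                      "CIS Ubuntu Linux 16.04 LTS Benchmark|93|60|0|67|0|61")
    store_summary(db, "2|253746113|2018-04-30T08:51:40.102-07:00|"
                      "CIS Ubuntu Linux 16.04 LTS Benchmark|88|65|0|67|0|58")
    return db, regressions(db)

if __name__ == "__main__":
    print(demo()[1])
```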

@chemamartinez chemamartinez requested a review from vikman90 Apr 24, 2018

@vikman90 vikman90 referenced this pull request Apr 24, 2018

Closed

CIS-CAT improvements #534

3 of 3 tasks complete

@vikman90 vikman90 added this to To do in Wazuh 3.5 via automation Apr 27, 2018

@vikman90 vikman90 added the enhancement label May 3, 2018

@vikman90

I think CIS-CAT should not be a plugin decoder: it won't have a definition in the XML decoders. CIS-CAT should behave like Syscollector: reserve a message queue type like CISCAT_MQ='e' in headers/mq_op.c and switch the proper decoder in analysisd.c, just like Syscollector.

src/analysisd/decoders/ciscat.c Outdated
src/wazuh_modules/wm_ciscat.c Outdated

@vikman90

Please merge from master in order to solve conflicts.

@vikman90 vikman90 self-assigned this May 3, 2018

@vikman90 vikman90 moved this from To do to In progress in Wazuh 3.5 May 3, 2018

chemamartinez added some commits May 21, 2018

Requested changes:
New queue for CIS-CAT events.
Updated copyright of files.
Used lowercase for variables.

@vikman90 vikman90 referenced this pull request May 25, 2018

Merged

CIS-CAT improvements #658

5 of 5 tasks complete
chemamartinez commented May 25, 2018

Merged at #658

Wazuh 3.5 automation moved this from In progress to Done May 25, 2018
