Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix show call-out warning when there is no data in the vulnerabilities index #6173

Merged
merged 10 commits into from
Dec 1, 2023
Merged

Fix show call-out warning when there is no data in the vulnerabilities index #6173

merged 10 commits into from
Dec 1, 2023

Conversation

jbiset
Copy link
Member

@jbiset jbiset commented Nov 28, 2023
edited
Loading

Description

This pull request adds a vulnerability index data check and displays a warning call-out in case the index does not exist or there is no data in it. This applies to both the Dashboard tab and the Inventory tab.
This pull request also fixes the following changes:

  • Since the architecture field will not be in the index, it is necessary to remove the architecture field - both tabs vuls
  • Since the event field is not going to be in the index, it is necessary:
    • @timestamp is used instead of event.create in the "Accumulation of the most detected vulnerabilities" visualization
    • Delete event.create in inventory
  • Capitalize is used on the values in the vulnerability.severity fields.
  • In the OS filters of the vulnerabilities dashboard, use the os.full field
  • Added WarningError to error handling to recognize vulnerability warnings and adjust the health check accordingly

Issues Resolved

Evidence

Health check warning message when no indices match vulnerability index pattern

image

Vulnerability detection dashboard when no indices match vulnerability index pattern

image

Vulnerability detection inventory when no indices match vulnerability index pattern

image

Health check when the vulnerability index exists

image

Vulnerability detector dashboard when the vulnerability index exists, but mapping is wrong

image

Vulnerability detector dashboard when the vulnerability index exists and mapping is correct

image

Vulnerability detector inventory when the vulnerability index exists and mapping is correct

image

Test

Before remember to create the mapping of port 9200:9200 in osd1 in the dev.yml

  • When raising the environment for the first time. If the vulnerability index does not exist, a Warning should appear in the Health Check. But it should allow you to continue. When going to the vulnerabilities detector (Dashboard and Inventory), Warning should appear because no indices match vulnerability index pattern.
  • Create the index (wazuh-states-vulnerabilities) in the manager and insert data (using script of comment). The health-check will correctly create the index pattern and pass the health-check, although the dashboard will not be seen completely, because mapping is wrong.
  • Insert the corresponding mapping and see that the healthcheck passes correctly and the dashboard is shown complete (using dev-tools of comment). (Refresh vulnerabilities index-pattern then). The Inventory tab should also appear complete.

Check List

  • All tests pass
    • yarn test:jest
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

@jbiset jbiset linked an issue Nov 28, 2023 that may be closed by this pull request
Show call-out warning when there is no data in the vulnerabilities index #6166
Closed
@jbiset jbiset marked this pull request as ready for review November 30, 2023 14:37
@jbiset jbiset requested a review from a team as a code owner November 30, 2023 14:37
@Machi3mfl Machi3mfl self-assigned this Nov 30, 2023
@Machi3mfl Machi3mfl removed their assignment Nov 30, 2023
@Machi3mfl Machi3mfl self-requested a review November 30, 2023 17:09
@Machi3mfl
Copy link
Member

Evidence

Screenshot 2023-11-30 at 15 19 10 Screenshot 2023-11-30 at 15 19 02 Screenshot 2023-11-30 at 15 18 54 Screenshot 2023-11-30 at 15 23 34 Screenshot 2023-11-30 at 15 24 06 Screenshot 2023-11-30 at 15 24 23 Screenshot 2023-11-30 at 15 24 36

@lucianogorza lucianogorza self-requested a review November 30, 2023 19:31
@lucianogorza
Copy link
Contributor

lucianogorza commented Nov 30, 2023
edited
Loading

Evidence

Health check warning message when no indices match vulnerability index pattern

image

Vulnerability detection dashboard when no indices match vulnerability index pattern

image

Vulnerability detection inventory when no indices match vulnerability index pattern

image

Health check when the vulnerability index exists

image

Vulnerability detector dashboard when the vulnerability index exists, but mapping is wrong

image

Vulnerability detector dashboard when the vulnerability index exists and mapping is correct

image

Vulnerability detector inventory when the vulnerability index exists and mapping is correct

image

@Desvelao
Copy link
Member

Desvelao commented Dec 1, 2023

I reviewed the pull request changes and there is code that is doing other things that are not related to display the callout. Maybe you could mention these changes into the description of the pull request to be aware of these too.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 1, 2023

Wazuh Core plugin code coverage (Jest) test % values
Statements 21.47% ( 186 / 866 )
Branches 18.07% ( 79 / 437 )
Functions 14.22% ( 36 / 253 )
Lines 21.7% ( 183 / 843 )

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 1, 2023

Wazuh Check Updates plugin code coverage (Jest) test % values
Statements 76.68% ( 171 / 223 )
Branches 57.57% ( 57 / 99 )
Functions 61.7% ( 29 / 47 )
Lines 76.68% ( 171 / 223 )

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 1, 2023

Main plugin code coverage (Jest) test % values
Statements 12.03% ( 4138 / 34377 )
Branches 8.15% ( 1883 / 23089 )
Functions 11.45% ( 934 / 8155 )
Lines 12.21% ( 4027 / 32976 )

@asteriscos asteriscos merged commit 1b044de into 4.8.0 Dec 1, 2023
4 checks passed
@asteriscos asteriscos deleted the fix/6166-show-call-out-warning-when-there-is-no-data-in-the-vulnerabilities-index branch December 1, 2023 18:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Desvelao Desvelao Desvelao left review comments

@lucianogorza lucianogorza lucianogorza approved these changes

@Machi3mfl Machi3mfl Machi3mfl approved these changes

Assignees

@jbiset jbiset

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Show call-out warning when there is no data in the vulnerabilities index
5 participants
@jbiset @Machi3mfl @lucianogorza @Desvelao @asteriscos