Skip to content

Latest commit

 

History

History
1447 lines (1077 loc) · 104 KB

CHANGELOG.md

File metadata and controls

1447 lines (1077 loc) · 104 KB

Change Log

All notable changes to the Wazuh app project will be documented in this file.

Wazuh v3.11.2 - Kibana v7.5.2 - Revision 853

Added

  • Support for Kibana v7.5.2

Wazuh v3.11.2 - Kibana v6.8.6, v7.3.2, v7.5.1 - Revision 852

Added

  • Support for Wazuh v3.11.2

Changed

  • Increased list filesize limit for the CDB-list #1993

Fixed

  • The xml validator now correctly handles the -- string within comments #1980
  • The AWS map visualization wasn't been loaded until the user interacts with it dd31bd7

Wazuh v3.11.1 - Kibana v6.8.6, v7.3.2, v7.5.1 - Revision 581

Added

  • Support for Wazuh v3.11.1.

Wazuh v3.11.0 - Kibana v6.8.6, v7.3.2, v7.5.1 - Revision 580

Added

  • Support for Wazuh v3.11.0.
  • Support for Kibana v7.5.1.
  • The API credentials configuration has been moved from the .wazuh index to a wazuh.yml configuration file. Now the configuration of the API hosts is done from the file and not from the application. #1465 #1771.
  • Upload ruleset files using a "drag and drop" component #1770
  • Add logs for the reporting module #1622.
  • Extended the "Add new agent" guide #1767.
  • Add new table for windows hotfixes #1932

Changed

  • Removed Discover from top menu #1699.
  • Hide index pattern selector in case that only one exists #1799.
  • Remove visualizations legend #1936
  • Normalize the field whodata in the group reporting #1921
  • A message in the configuration view is ambiguous #1870
  • Refactor syscheck table #1941

Fixed

  • Empty files now throws an error #1806.
  • Arguments for wazuh api requests are now validated #1815.
  • Fixed the way to check admin mode #1838.
  • Fixed error exporting as CSV the files into a group #1833.
  • Fixed XML validator false error for < 1882
  • Fixed "New file" editor doesn't allow saving twice #1896
  • Fixed decoders files #1929
  • Fixed registration guide #1926
  • Fixed infinite load on Ciscat views #1920, #1916
  • Fixed missing fields in the Visualizations #1913
  • Fixed Amazon S3 status is wrong in configuration section #1864
  • Fixed hidden overflow in the fim configuration #1887
  • Fixed Logo source fail after adding server.basePath #1871
  • Fixed the documentation broken links #1853

Wazuh v3.10.2 - Kibana v7.5.1 - Revision 556

Added

  • Support for Kibana v7.5.1

Wazuh v3.10.2 - Kibana v7.5.0 - Revision 555

Added

  • Support for Kibana v7.5.0

Wazuh v3.10.2 - Kibana v7.4.2 - Revision 549

Added

  • Support for Kibana v7.4.2

Wazuh v3.10.2 - Kibana v7.4.1 - Revision 548

Added

  • Support for Kibana v7.4.1

Wazuh v3.10.2 - Kibana v7.4.0 - Revision 547

Added

  • Support for Kibana v7.4.0
  • Support for Wazuh v3.10.2.

Wazuh v3.10.2 - Kibana v7.3.2 - Revision 546

Added

  • Support for Wazuh v3.10.2.

Wazuh v3.10.1 - Kibana v7.3.2 - Revision 545

Added

  • Support for Wazuh v3.10.1.

Wazuh v3.10.0 - Kibana v7.3.2 - Revision 543

Added

  • Support for Wazuh v3.10.0.
  • Added an interactive guide for registering agents, things are now easier for the user, guiding it through the steps needed ending in a copy & paste snippet for deploying his agent #1468.
  • Added new dashboards for the recently added regulatory compliance groups into the Wazuh core. They are HIPAA and NIST-800-53 #1468, #1638.
  • Make the app work under a custom Kibana space #1234, #1450.
  • Added the ability to manage the app as a native plugin when using Kibana spaces, now you can safely hide/show the app depending on the selected space #1601.
  • Adapt the app the for Kibana dark mode #1562.
  • Added an alerts summary in Overview > FIM panel #1527.
  • Export all the information of a Wazuh group and its related agents in a PDF document #1341.
  • Export the configuration of a certain agent as a PDF document. Supports granularity for exporting just certain sections of the configuration #1340.

Changed

  • Reduced Agents preview load time using the new API endpoint /summary/agents #1687.
  • Replaced most of the md-nav-bar Angular.js components with React components using EUI #1705.
  • Replaced the requirements slider component with a new styled component #1708.
  • Soft deprecated the .wazuh-version internal index, now the app dumps its content if applicable to a registry file, then the app removes that index. Further versions will hard deprecate this index #1467.
  • Visualizations now don't fetch the documents source, also, they now use size: 0 for fetching #1663.
  • The app menu is now fixed on top of the view, it's not being hidden on every state change. Also, the Wazuh logo was placed in the top bar of Kibana UI #1502.
  • Improved getTimestamp method not returning a promise object because it's no longer needed 014bc3a. Also improved main Discover listener for Wazuh not returning a promise object bd82823.
  • Replaced Requirements over time visualizations in both PCI DSS and GDPR dashboards 35c539.
  • Do not show a toaster when a visualization field was not known yet, instead, show it just in case the internal refreshing failed 19a2e7.
  • Minor optimizations for server logging eb8e000.

Fixed

  • Alerts search bar fixed for Kibana v7.3.1, queries were not being applied as expected #1686.
  • Hide attributes field from non-Windows agents in the FIM table #1710.
  • Fixed broken view in Management > Configuration > Amazon S3 > Buckets, some information was missing #1675.
  • Keep user's filters when switching from Discover to panel #1685.
  • Reduce load time and amount of data to be fetched in Management > Cluster monitoring section avoiding possible timeouts #1663.
  • Restored Remove column feature in Discover tabs #1702.
  • Apps using Kibana v7.3.1 had a bug once the user goes back from Agent > FIM > Files to Agent > FIM > dashboard, filters disappear, now it's working properly #1700.
  • Fixed visual bug in Management > Cluster monitoring and a button position 1e3b748.
  • The app installation date was not being updated properly, now it's fixed #1692.
  • Fixed Network interfaces table in Inventory section, the table was not paginating #1474.
  • Fixed APIs passwords are now obfuscated in server responses adc3152.

Wazuh v3.9.5 - Kibana v6.8.2 / Kibana v7.2.1 / Kibana v7.3.0 - Revision 531

Added

  • Support for Wazuh v3.9.5

Wazuh v3.9.4 - Kibana v6.8.1 / Kibana v6.8.2 / Kibana v7.2.0 / Kibana v7.2.1 / Kibana v7.3.0 - Revision 528

Added

  • Support for Wazuh v3.9.4
  • Allow filtering by clicking a column in rules/decoders tables 0e2ddd7
  • Allow open file in rules table clicking on the file column 1af929d

Changed

  • Improved app performance #1640.
  • Remove path filter from custom rules and decoders 895792e
  • Show path column in rules and decoders 6f49816
  • Removed SCA overview dashboard 94ebbff
  • Disabled last custom column removal f1ef7de
  • Agents messages across sections unification 8fd7e36

Fixed

  • Fix check storeded apis d6115d6.
  • Fix pci-dss console error 297080d
  • Fix error in reportingTable 85b7266
  • Fix filters budgets size c7ac86a
  • Fix missing permalink virustotal visualization 1b57529
  • Improved wz-table performance 224bd6f
  • Fix inconsistent data between visualizations and tables in Overview Security Events b12c600
  • Timezone applied in cluster status a4f620d
  • Fixed Overview Security Events report when wazuh.monitoring is disabled 1c26da0
  • Fixes in APIs management 2143943
  • Prevent duplicated visualization toast errors 786faf3
  • Fix not properly updated breadcrumb in ruleset section 9645903
  • Fix badly dimensioned table in Integrity Monitoring section 9645903
  • Fix implicit filters can be destroyed 9cf8578
  • Windows agent dashboard doesn't show failure logon access. d38d088
  • Number of agents is not properly updated. f7cbbe5
  • Missing scrollbar on Firefox file viewer. df4e8f9
  • Agent search filter by name, lost when refreshing. 71b5274
  • Alerts of level 12 cannot be displayed in the Summary table. ec0e888
  • Restored query from search bar in visualizations. 439128f
  • Fix Kibana filters loop in Firefox. 82f0f32

Wazuh v3.9.3 - Kibana v6.8.1 / v7.1.1 / v7.2.0 - Revision 523

Added

  • Support for Wazuh v3.9.3
  • Support for Kibana v7.2.0 #1556.

Changed

  • New design and several UI/UX changes #1525.
  • Improved error checking + syscollector performance 94d0a83.
  • Adapt Syscollector for MacOS agents a4bf7ef.
  • Show last scan for syscollector 73f2056.
  • Extendend information for syscollector #1585.

Fixed

  • Corrected width for agent stats a998955.
  • Fix height for the menu directive with Dynamic height 427d0f3.
  • Fix wazuh-db and clusterd check cddcef6.
  • Fix AlertsStats when value is "0", it was showing "-" 07a3e10.
  • Fix syscollector state value f8d3d0e.
  • Fix time offset for reporting table 2ef500b.
  • Fix call to obtain GDPR requirements for specific agent ccda846.
  • Restore "rule.id" as a clickable field in visualizations #1546.
  • Fix timepicker in cluster monitoring f7533ce.
  • Fix several bugs #1569.
  • Fully removed "rule.id" as URL field #1584.
  • Fix filters for dashboards #1583.
  • Fix missing dependency #1591.

Wazuh v3.9.2 - Kibana v7.1.1 - Revision 510

Added

  • Support for Wazuh v3.9.2

Changed

  • Avoid showing more than one toaster for the same error message 7937003.
  • Restored "Alerts evolution - Top 5 agents" in Overview > Security events f9305c0.

Fixed

  • Fix missing parameters in Dev Tools request #1496.
  • Fix "Invalid Date" for Safari and Internet Explorer #1505.

Wazuh v3.9.1 - Kibana v7.1.1 - Revision 509

Added

  • Support for Kibana v7.1.1
  • Added overall metrics for Agents > Overview #1479.

Fixed

  • Fixed missing dependency for Discover 43f5dd5.
  • Fixed visualization for Agents > Overview #1477.
  • Fixed SCA policy checks table #1478.

Wazuh v3.9.1 - Kibana v7.1.0 - Revision 508

Added

  • Support for Kibana v7.1.0

Wazuh v3.9.1 - Kibana v6.8.0 - Revision 444

Added

  • Support for Wazuh v3.9.1
  • Support for Kibana v6.8.0

Fixed

  • Fixed background color for some parts of the Discover directive 2dfc763.
  • Fixed cut values in non-resizable tables when the value is too large cc4828f.
  • Fixed handled but not shown error messages from rule editor 0aa0e17.
  • Minor typos corrected fe11fb6.
  • Minor fixes in agents configuration 1bc2175.
  • Fix Management > logs viewer scrolling f458b2e.

Changed

  • Kibana version shown in settings is now read from our package.json c103d3e.
  • Removed an old header from Settings 0197b8b.
  • Improved index pattern validation fields, replaced "full_log" with "rule.id" as part of the minimum required fields dce0595.
  • Improve dynamic height for configuration editor c318131.
  • Add timezone for all dates shown in the app 4b8736f.

Wazuh v3.9.0 - Kibana v6.7.0 / v6.7.1 / v6.7.2 - Revision 441

Added

  • Support for Wazuh v3.9.0
  • Support for Kibana v6.7.0 / v6.7.1 / v6.7.2
  • Edit master and worker configuration (#1215).
  • Edit local rules, local decoders and CDB lists (#1212, #1204, #1196, #1233, #1304).
  • View no local rules/decoders XML files (#1395)
  • Dev Tools additions
    • Added hotkey [shift] + [enter] for sending query (#1170).
    • Added Export JSON button for the Dev Tools (#1170).
  • Added refresh button for agents preview table (#1169).
  • Added configuration assessment information in "Agent > Policy monitoring" (#1227).
  • Added agents configuration assessment configuration section in "Agent > Configuration" (1257)
  • Restart master and worker nodes (#1222).
  • Restart agents (#1229).
  • Added support for more than one Wazuh monitoring pattern (#1243)
  • Added customizable interval for Wazuh monitoring indices creation (#1243).
  • Expand visualizations (#1246).
  • Added a dynamic table columns selector (#1246).
  • Added resizable columns by dragging in tables (d2bf8ee)
  • Added a cron job for fetching missing fields of all valid index patterns, also merging dynamic fields every time an index pattern is refreshed by the app (#1276).
  • Added auto-merging dynamic fields for Wazuh monitoring index patterns (#1300)
  • New server module, it's a job queue so we can add delayed jobs to be run in background, this iteration only accepts delayed Wazuh API calls (#1283).
  • Added new way to view logs using a logs viewer (#1292)
  • Added new directive for registering agents from the UI, including instructions on "how to" (#1321).
  • Added some Angular charts in Agents Preview and Agents SCA sections (#1364)
  • Added Docker listener settings in configuration views (#1365)
  • Added Docker dashboards for both Agents and Overview (#1367)
  • Improved app logger with debug level (#1373)
  • Introducing React components from the EUI framework

Changed

  • Escape XML special characters (#1159).
  • Changed empty results message for Wazuh tables (#1165).
  • Allowing the same query multiple times on the Dev Tools (#1174)
  • Refactor JSON/XML viewer for configuration tab (#1173, #1148).
  • Using full height for all containers when possible (#1224).
  • Improved the way we are handling "back button" events (#1207).
  • Changed some visualizations for FIM, GDPR, PCI, Vulnerability and Security Events (#1206, #1235, #1293).
  • New design for agent header view (#1186).
  • Not fetching data the very first time the Dev Tools are opened (#1185).
  • Refresh all known fields for all valid index patterns if kbn-vis detects a broken index pattern (ecd7c8f).
  • Truncate texts and display a tooltip when they don't fit in a table cell (7b56a87)
  • Updated API autocomplete for Dev Tools (#1218)
  • Updated switches design to adapt it to Kibana's design (#1253)
  • Reduced the width of some table cells with little text, to give more space to the other columns (#1263).
  • Redesign for Management > Status daemons list (#1284).
  • Redesign for Management > Configuration, Agent > Configuration (#1289).
  • Replaced Management > Logs table with a log viewer component (#1292).
  • The agents list search bar now allows to switch between AND/OR operators (#1291).
  • Improve audit dashboards (#1374)
  • Exclude agent "000" getting the last registered and the most active agents from the Wazuh API.(#1391)
  • Reviewed Osquery dashboards (#1394)
  • Memory info is now a log (#1400)
  • Error toasters time is now 30000ms, warning/info are still 6000ms (#1420)

Fixed

  • Properly handling long messages on notifier service, until now, they were using out of the card space, also we replaced some API messages with more meaningful messages (#1168).
  • Adapted Wazuh icon for multiple browsers where it was gone (#1208).
  • Do not fetch data from tables twice when resize window (#1303).
  • Agent syncrhonization status is updated as we browse the configuration section (#1305)
  • Using the browser timezone for reporting documents (#1311).
  • Wrong behaviors in the routing system when the basePath was set (#1342)
  • Do not show pagination for one-page tables (196c5b7)
  • Being redirected to Overview once a Kibana restart is performed (#1378)
  • Displaying the AWS services section of the aws-s3 wodle (#1393)
  • Show email configuration on the configuration on demand (#1401)
  • Show "Follow symbolic link" field in Integrity monitoring - Monitored configuration on demand (0c9c9da)

Wazuh v3.8.2 - Kibana v6.6.0 / v6.6.1 / v6.6.2 / v6.7.0 - Revision 419

Added

  • Support for Kibana v6.6.0 / v6.6.1 / v6.6.2 / v6.7.0

Fixed

  • Fixed AWS dashboard, newer JavaScript browser engines break the view due to Angular.js (6e882fc).
  • Fixed AWS accounts visualization, using the right field now (6e882fc).

Wazuh v3.8.2 - Kibana v6.5.4 - Revision 418

Added

  • Support for Wazuh v3.8.2

Changed

  • Close configuration editor only if it was successfully updated (bc77c35).
  • Replaced FIM Vega visualization with standard visualization (554ee1c).

Wazuh v3.8.1 - Kibana v6.5.4 - Revision 417

Added

  • Support for Wazuh v3.8.1

Changed

  • Moved monitored/ignored Windows registry entries to "FIM > Monitored" and "FIM > Ignored" to avoid user confusion (#1176).
  • Excluding managers from wazuh-monitoring indices (#1177).
  • Escape & before sending group configuration (d3aa56f).
  • Improved autoFormat function before rendering group configuration (f4f8144).
  • Now the group configuration editor doesn't exit after sending data to the Wazuh API (5c1a3ef).

Fixed

  • Fixed style for the error toaster for long URLs or long paths (11b8084).

Wazuh v3.8.0 - Kibana v6.5.4 - Revision 416

Added

  • Added group management features such as:
    • Edit the group configuration (#1096).
    • Add/remove groups to/from an agent (#1096).
    • Add/remove agents to/from a group (#1096).
    • Add/remove groups (#1152).
  • New directive for tables that don't need external data sources (#1067).
  • New search bar directive with interactive filters and suggestions (#1058).
  • New server route /elastic/alerts for fetching alerts using custom parameters(#1056).
  • New table for an agent FIM monitored files, if the agent OS platform is Windows it will show two tables: files and registry (#1032).
  • Added description to each setting under Settings > Configuration (#1048).
  • Added a new setting to config.yml related to Wazuh monitoring and its index pattern (#1095).
  • Resizable columns by dragging in Dev-tools (#1102).
  • New feature to be able to edit config.yml file from the Settings > Configuration section view (#1105).
  • Added a new table (network addresses) for agent inventory tab (#1111).
  • Added audit_key (Who-data Audit keys) for configuration tab (#1123).
  • Added new known fields for Kibana index pattern (#1150).

Changed

  • Changed Inventory tables. Now the app looks for the OS platform and it shows different tables depending on the OS platform. In addition the process state codes has been replaced to be more meaningful (#1059).
  • Tiny rework for the AWS tab including.
  • "Report" button is hidden on Discover panel (#1047).
  • Visualizations, filters and Discover improved (#1083).
  • Removed popularizeField function until elastic/kibana#22426 is solved in order to avoid Unable to write index pattern! error on Discover tab (#1085).
  • Improved Wazuh monitoring module (#1094).
  • Added "Registered date" and "Last keep alive" in agents table allowing you to sort by these fields (#1102).
  • Improved code quality in sections such as Ruleset > Rule and Decoder detail view simplify conditions (#1102).
  • Replaced reporting success message (#1102).
  • Reduced the default number of shards and the default number of replicas for the app indices (#1113).
  • Refreshing index pattern known fields on health check controller (#1119).
  • Less strict memory check (786c764).
  • Checking message origin in error handler (dfec368).
  • Dev tools is now showing the response as it is, like curl does (#1137).
  • Removed unknown as valid node name (#1149).
  • Removed rule.id direct filter from the rule set tables (#1151)

Fixed

  • Restored X-Pack security logic for the .wazuh index, now it's not bypassing the X-Pack roles (#1081)
  • Avoid fetching twice the same data (#1072, #1061).
  • Wazuh logo adapted to low resolutions (#1074).
  • Hide Audit, OpenSCAP tabs for non-linux agents. Fixed empty Windows events under Configuration > Log collection section. OSQuery logo has been standardized (#1072, #1076).
  • Fix empty values on Overview > Security events when Wazuh monitoring is disabled (#1091).
  • Fix overlapped play button in Dev-tools when the input box has a scrollbar (#1102).
  • Fix Dev-tools behavior when parse json invalid blocks (#1102).
  • Fixed Management > Monitoring tab frustration adding back buttons (#1102).
  • Fix template checking when using more than one pattern (#1104).
  • Fix infinite loop for Wazuh monitoring when the Wazuh API is not being able to give us all the agents (5a26916), (85005a1).
  • Fix rule details for list and info parameters (#1149).

Wazuh v3.7.1 / v3.7.2 - Kibana v6.5.1 / v6.5.2 / v6.5.3 / v6.5.4 - Revision 415

Added

  • Support for Elastic stack v6.5.2 / v6.5.3 / v6.5.4.
  • Support for Wazuh v3.7.1 / v3.7.2.
  • Dev Tools module now autocompletes API endpoints (#1030).

Changed

  • Increased number of rows for syscollector tables (#1033).
  • Modularized JSON/XML viewers for the configuration section (#982).

Fixed

  • Added missing fields for syscollector network tables (#1036).
  • Using the right API path when downloading CSV for decoders list (#1045).
  • Including group field when downloading CSV for agents list (#1044).
  • Preserve active tab in configuration section when refreshing the page (#1037).

Wazuh v3.7.0 - Kibana v6.5.0 / v6.5.1 - Revision 414

Added

  • Support for Elastic Stack v6.5.0 / v6.5.1.
  • Agent groups bar is now visible on the agent configuration section (#1023).
  • Added a new setting for the config.yml file for enable/disable administrator mode (#1019).
    • This allows the user to perform PUT, POST, DELETE methods in our Dev Tools.

Changed

  • Refactored most front-end controllers (#1023).

Wazuh v3.7.0 - Kibana v6.4.2 / v6.4.3 - Revision 413

Added

  • Support for Wazuh v3.7.0.
  • Support for Elastic Stack v6.4.2 / v6.4.3.
  • Brand-new interface for Configuration (on both Management and Agents tabs) (#914):
    • Now you can check current and real agent and manager configuration.
    • A new interface design, with more useful information and easy to understand descriptions.
    • New and more responsive JSON/XML viewers to show the configuration in raw mode.
  • Brand-new extension - Osquery (#938):
    • A new extension, disabled by default.
    • Check alerts from Wazuh's Osquery integration.
    • Check your current Osquery wodle configuration.
    • More improvements will come for this extension in the future.
  • New option for Wazuh app configuration file - Ignore index patterns (#947):
    • Now the user can specify which index patterns can't be selected on the app using the new ip.ignore setting on the config.yml file.
    • The valid format is an array of strings which represents index patterns.
    • By default, this list is empty (all index patterns will be available if they use a compatible structure).
  • Added a node selector for Management > Status section when Wazuh cluster is enabled (#976).
  • Added quick access to Configuration or Discover panels for an agent on the agents list (#939).
  • Now you can click on an agent's ID on the Discover panels to open its details page on the app (#904).
  • Redesigned the Overview > Amazon AWS tab, using more meaningful visualizations for a better overall view of your agents' status (#903).
  • Redesigned the Overview/Agents > Vulnerabilities tab, using more meaningful visualizations for a better overall view of your agents' status (#954).
  • Now everytime the user enters the Settings tab, the API connection will be automatically checked (#971).
  • Added a node selector for Management > Logs section when Wazuh cluster is enabled (#980).
  • Added a group selector for Agents section (#995).

Changed

  • Interface refactoring for the Agents > Inventory data tab (#924):
    • Now the tab won't be available if your agent doesn't have Syscollector enabled, and each card will be enabled or disabled depending on the current Syscollector scans configuration.
    • This will prevent situations where the user couldn't check the inventory although there was actual scan data to show on some sections.
  • Added support for new multigroups feature (#911):
    • Now the information bars on Agents will show all the groups an agent belongs to.
  • Now the result pane on the Dev tools tab will show the error code coming from the Wazuh API (#909).
  • Changed some visualizations titles for Overview/Agents > OpenSCAP tab (#925).
  • All backend routes have been renamed (#932).
  • Several improvements for Elasticsearch tests (#933).
  • Updated some strings and descriptions on the Settings tab (#934).
  • Changed the date format on Settings > Logs to make it more human-readable (#944).
  • Changed some labels to remove the "MD5 sum" expression, it will use "Checksum" instead (#945).
  • Added word wrapping class to group name in Management > Groups > Group detail tab (#945).
  • The wz-table directive has been refactored (#953).
  • The wz-table directive now checks if a request is aborted (#979).
  • Several performance improvements (#985, #997, #1000).

Fixed

  • Several known fields for Whodata functionality have been fixed (#901).
  • Fixed alignment bug with the Add a filter + button on Discover and Agents tabs (#912).
  • Fixed a bug where the Add API form on Settings didn't appear when pressing the button after editing an existing API entry (#944).
  • Fixed a bug on Ruleset tab where the "Description" column was showing 0 if the rule doesn't have any description (#948).
  • Fixed wrong alignment on related Rules/Decoders tables from Management > Ruleset tab (#971).
  • Fixed a bug where sometimes the error messages appeared duplicated (#971).

Removed

  • On the Management > Monitoring tab, the Cluster enabled but not running message won't appear as an error anymore (#971).

Wazuh v3.6.1 - Kibana v6.4.1 / v6.4.2 / v6.4.3 - Revision 412

Added

  • Support for Elastic Stack v6.4.1 / v6.4.2 / v6.4.3.

Wazuh v3.6.1 - Kibana v6.4.0 - Revision 411

Added

  • Redesigned the Overview > Integrity monitoring tab, using more meaningful visualizations for a better overall view of your agents' status (#893).
  • Added a new table for the Inventory tab: Processes (#895).
  • Improved error handling for tables. Now the table will show an error message if it wasn't able to fetch and load data (#896).

Changed

  • The app source code has been improved, following best practices and coding guidelines (#892).
  • Included more app tests and prettifier for better code maintainability (#883 & #885).

Fixed

  • Fixed minor visual errors on some GDPR, PCI DSS and Vulnerabilities visualizations (#894).

Wazuh v3.6.1 - Kibana v6.4.0 - Revision 410

Added

  • The Inventory tab has been redesigned (#873):
    • Added new network interfaces and port tables.
    • Improved design using metric information bars and intuitive status indicators.
  • Added refresh functionality to the Settings > Logs tab (#852):
    • Now everytime the user opens the tab, the logs will be reloaded.
    • A new button to force the update has been added on the top left corner of the logs table.
  • Added tags and recursion_level configuration options to Management/Agent > Configuration tabs (#850).
  • The Kuery search syntax has been added again to the app (#851).
  • Added a first batch of Mocha tests and other quality of code improvements to the app (#859).
  • Now you can open specific rule details (the Management > Ruleset tab) when clicking on the rule.id value on the Discover tab (#862).
  • Now you can click on the rule ID value on the Management > Ruleset tab to search for related alerts on the Discover tab (#863).

Changed

  • The index pattern known fields have been updated up to 567 (#872).
  • Now the Inventory tab will always be available for all agents, and a descriptive message will appear if the agent doesn't have syscollector enabled (#879).

Fixed

  • Fixed a bug where the Inventory tab was unavailable if the user reloads the page while on the Agents > Configuration tab (#845).
  • Fixed some Overview > VirusTotal visualizations (#846).
  • Fixed a bug where the Settings > Extensions tab wasn't being properly hidden when there's no API entries inserted (#847).
  • Fixed a bug where the Current API indicator on the top navbar wasn't being properly updated when the user deletes all the API entries (#848).
  • Fixed a bug where the Agents coverage metric were not displaying a proper value when the manager has 0 registered agents (#849).
  • Fixed a bug where the wazuh-basic user role was able to update API entries (it should be forbidden) (#853).
  • Fixed a bug where the visualizations had scroll bars on the PDF reports (#870).
  • Fixed a bug on the Dev tools tab where the user couldn't execute the first request block if there was blank lines above it (#871).
  • Fixed a bug on pinned filters when opening tabs where the implicit filter was the same, making them stuck and unremovable from other tabs (#878).

Wazuh v3.6.1 - Kibana v6.4.0 - Revision 409

Added

  • Support for Wazuh v3.6.1.

Fixed

  • Fixed a bug on the Dev tools tab (b7c79f4).

Wazuh v3.6.1 - Kibana v6.3.2 - Revision 408

Added

  • Support for Wazuh v3.6.1.

Fixed

  • Fixed a bug on the Dev tools tab (4ca9ed5).

Wazuh v3.6.0 - Kibana v6.4.0 - Revision 407

Added

  • Support for Wazuh v3.6.0.

Wazuh v3.6.0 - Kibana v6.3.2 - Revision 406

Added

  • Support for Wazuh v3.6.0.

Wazuh v3.5.0 - Kibana v6.4.0 - Revision 405

Added

  • Support for Elastic Stack v6.4.0 (#813).

Wazuh v3.5.0 - Kibana v6.3.2 - Revision 404

Added

  • Added new options to config.yml to change shards and replicas settings for wazuh-monitoring indices (#809).
  • Added more error messages for wazuhapp.log in case of failure when performing some crucial functions (#812).
  • Now it's possible to change replicas settings for existing .wazuh, .wazuh-version and wazuh-monitoring indices on the config.yml file (#817).

Changed

  • App frontend code refactored and restructured (#802).
  • Now the Overview > Security events tab won't show anything if the only visualization with data is Agents status (#811).

Fixed

  • Fixed a bug where the RAM status message appreared twice the first time you opened the app (#807).
  • Fixed the app UI to make the app usable on Internet Explorer 11 (#808).

Wazuh v3.5.0 - Kibana v6.3.2 - Revision 403

Added

  • The welcome tabs on Overview and Agents have been updated with a new name and description for the existing sections (#788).
  • Now the app tables will auto-resize depending on the screen height (#792).

Changed

  • Now all the app filters on several tables will present the values in alphabetical order (#787).

Fixed

  • Fixed a bug on Decoders where clicking on the decoder wouldn't open the detail view if the Parent decoders filter was enabled (#782).
  • Fixed a bug on Dev tools when the first line on the editor pane was empty or had a comment (#790).
  • Fixed a bug where the app was throwing multiple warning messages the first time you open it (#791).
  • Fixed a bug where clicking on a different tab from Overview right after inserting the API credentials for the first time would always redirect to Overview (#791).
  • Fixed a bug where the user could have a browser cookie with a reference to a non-existing API entry on Elasticsearch (#794 & #795).

Removed

  • The cluster key has been removed from the API requests to /manager/configuration (#796).

Wazuh v3.5.0 - Kibana v6.3.1/v6.3.2 - Revision 402

Added

  • Support for Wazuh v3.5.0.
  • Added new fields for Vulnerability detector alerts (#752).
  • Added multi table search for wz-table directive. Added two new log levels for Management > Logs section (#753).

Wazuh v3.4.0 - Kibana v6.3.1/v6.3.2 - Revision 401

Added

  • Added a few new fields for Kibana due to the new Wazuh who-data feature (#763).
  • Added XML/JSON viewer for each card under Management > Configuration (#764).

Changed

  • Improved error handling for Dev tools. Also removed some unused dependencies from the Dev tools tab (#760).
  • Unified origin for tab descriptions. Reviewed some grammar typos (#765).
  • Refactored agents autocomplete component. Removed unused/deprecated modules (#766).
  • Simplified route resolves section (#768).

Fixed

  • Fixed missing cluster node filter for the visualization shown when looking for specific node under Management > Monitoring section (#758).
  • Fixed missing dependency injection for wzMisc factory (#768).

Removed

  • Removed angular-aria, angular-md5, ansicolors, js-yaml, querystring and lodash dependencies since Kibana includes all of them. Removed some unused images (#768).

Wazuh v3.4.0 - Kibana v6.3.1/v6.3.2 - Revision 400

Added

  • Support for Wazuh v3.4.0.
  • Support for Elastic Stack v6.3.2.
  • Support for Kuery as accepted query language (#742).
    • This feature is experimental.
  • Added new Who data fields from file integrity monitoring features (#746).
  • Added tab in Settings section where you can see the last logs from the Wazuh app server (#723).

Changed

  • Fully redesigned of the welcome screen along the different app sections (#751).
  • Now any agent can go to the Inventory tab regardless if it's enabled or not. The content will change properly according to the agent configuration (#744).
  • Updated the angular-material dependency to 1.1.10 (#743).
  • Any API entry is now removable regardless if it's the only one API entry (#740).
  • Performance has been improved regarding to agents status, they are now being fetched using distinct routes from the Wazuh API (#738).
  • Improved the way we are parsing some Wazuh API errors regarding to version mismatching (#735).

Fixed

  • Fixed wrong filters being applied in Ruleset > Rules and Ruleset > Decoders sections when using Lucene like filters plus path filters (#736).
  • Fixed the template checking from the healthcheck, now it allows to use custom index patterns (#739).
  • Fixed infinite white screen from Management > Monitoring when the Wazuh cluster is enabled but not running (#741).

Wazuh v3.3.0/v3.3.1 - Kibana v6.3.1 - Revision 399

Added

  • Added a new Angular.js factory to store the Wazuh app configuration values. Also, this factory is being used by the pre-routes functions (resolves); this way we are sure about having the real configuration at any time. These pre-routes functions have been improved too (#670).
  • Added extended information for reports from Reporting feature (#701).

Changed

  • Tables have been improved. Now they are truncating long fields and adding a tooltip if needed (#671).
  • Services have been improved (#715).
  • CSV formatted files have been improved. Now they are showing a more human readable column names (#717, #726).
  • Added/Modified some visualization titles (#728).
  • Improved Discover perfomance when in background mode (#719).
  • Reports from the Reporting feature have been fulyl redesigned (#701).

Fixed

  • Fixed the top menu API indicator when checking the API connection and the manager/cluster information had been changed (#668).
  • Fixed our logger module which was not writting logs the very first time Kibana is started neither after a log rotation (#667).
  • Fixed a regular expression in the server side when parsing URLs before registering a new Wazuh API (#690).
  • Fixed filters from specific visualization regarding to File integrity section (#694).
  • Fixed filters parsing when generating a report because it was not parsing negated filters as expected (#696).
  • Fixed visualization counter from OSCAP tab (#722).

Removed

  • Temporary removed CSV download from agent inventory section due to Wazuh API bug (#727).

Wazuh v3.3.0/v3.3.1 - Kibana v6.3.0 - Revision 398

Added

  • Improvements for latest app redesign (#652):
    • The Welcome tabs have been simplified, following a more Elastic design.
    • Added again the md-nav-bar component with refined styles and limited to specific sections.
    • The Settings > Welcome tab has been removed. You can use the nav bar to switch tabs.
    • Minor CSS adjustments and reordering.
  • Small app UI improvements (#634):
    • Added link to Agents Preview on the Agents tab breadcrumbs.
    • Replaced the Generate report button with a smaller one.
    • Redesigned Management > Ruleset md-chips to look similar to Kibana filter pills.
    • Added agent information bar from Agents > General to Agents > Welcome too.
    • Refactored flex layout on Welcome tabs to fix a height visual bug.
    • Removed duplicated loading rings on the Agents tab.
  • Improvements for app tables (#627):
    • Now the current page will be highlighted.
    • The gap has been fixed to the items per page value.
    • If there are no more pages for Next or Prev buttons, they will be hidden.
  • Improvements for app health check (#637):
    • Improved design for the view.
    • The checks have been placed on a table, showing the current status of each one.
  • Changes to our reporting feature (#639):
    • Now the generated reports will include tables for each section.
    • Added a parser for getting Elasticsearch data table responses.
    • The reporting feature is now a separated module, and the code has been refactored.
  • Improvements for app tables pagination (#646).

Changed

  • Now the pretty parameter on the Dev tools tab will be ignored to avoid Unexpected error messages (#624).
  • The pdfkit dependency has been replaced by pdfmake (#639).
  • Changed some Kibana tables for performance improvements on the reporting feature (#644).
  • Changed the method to refresh the list of known fields on the index pattern (#650):
    • Now when restarting Kibana, the app will update the fieldset preserving the custom user fields.

Fixed

  • Fixed bug on Agents CIS-CAT tab who wasn't loading the appropriate visualizations (#626).
  • Fixed a bug where sometimes the index pattern could be undefined during the health check process, leading into a false error message when loading the app (#640).
  • Fixed several bugs on the Settings > API tab when removing, adding or editing new entries.

Removed

  • Removed the app login system (#636):
    • This feature was unstable, experimental and untested for a long time. We'll provide much better RBAC capabilities in the future.
  • Removed the new Kuery language option on Discover app search bars.
    • This feature will be restored in the future, after more Elastic v6.3.0 adaptations.

Wazuh v3.3.0/v3.3.1 - Kibana v6.3.0 - Revision 397

Added

  • Support for Elastic Stack v6.3.0 (#579 & #612 & #615).
  • Brand-new Wazuh app redesign for the Monitoring tab (#581):
    • Refactored and optimized UI for these tabs, using a breadcrumbs-based navigability.
    • Used the same guidelines from the previous redesign for Overview and Agents tabs.
  • New tab for Agents - Inventory (#582):
    • Get information about the agent host, such as installed packages, motherboard, operating system, etc.
    • This tab will appear if the agent has the syscollector wodle enabled.
  • Brand-new extension - CIS-CAT Alerts (#601):
    • A new extension, disabled by default.
    • Visualize alerts related to the CIS-CAT benchmarks on the Overview and Agents tabs.
    • Get information about the last performed scan and its score.
  • Several improvements for the Dev tools tab (#583 & #597):
    • Now you can insert queries using inline parameters, just like in a web browser.
    • You can combine inline parameters with JSON-like parameters.
    • If you use the same parameter on both methods with different values, the inline parameter has precedence over the other one.
    • The tab icon has been changed for a more appropriate one.
    • The Execute query button is now always placed on the first line of the query block.
  • Refactoring for all app tables (#582):
    • Replaced the old wz-table directive with a new one, along with a new data factory.
    • Now the tables are built with a pagination system.
    • Much easier method for building tables for the app.
    • Performance and stability improvements when fetching API data.
    • Now you can see the total amount of items and the elapsed time.

Changed

  • Moved some logic from the Agents preview tab to the server, to avoid excessive client-side workload (#586).
  • Changed the UI to use the same loading ring across all the app tabs (#593 & #599).
  • Changed the No results message across all the tabs with visualizations (#599).

Fixed

  • Fixed a bug on the Settings/Extensions tab where enabling/disabling some extensions could make other ones to be disabled (#591).

Wazuh v3.3.0/v3.3.1 - Kibana v6.2.4 - Revision 396

Added

  • Support for Wazuh v3.3.1.
  • Brand-new Wazuh app redesign for the Settings tab (#570):
    • Refactored and optimized UI for these tabs, using a breadcrumbs-based navigability.
    • Used the same guidelines from the previous redesign for Overview and Agents tabs.
  • Refactoring for Overview and Agents controllers (#564):
    • Reduced duplicated code by splitting it into separate files.
    • Code optimization for a better performance and maintainability.
    • Added new services to provide similar functionality between different app tabs.
  • Added data.vulnerability.package.condition to the list of known fields (#566).

Changed

  • The wazuh-logs and wazuh-monitoring folders have been moved to the Kibana's optimize directory in order to avoid some error messages when using the kibana-plugin list command (#563).

Fixed

  • Fixed a bug on the Settings tab where updating an API entry with wrong credentials would corrupt the existing one (#558).
  • Fixed a bug on the Settings tab where removing an API entry while its edit form is opened would hide the Add API button unless the user reloads the tab (#558).
  • Fixed some Audit visualizations on the Overview and Agents tabs that weren't using the same search query to show the results (#572).
  • Fixed undefined variable error on the wz-menu directive (#575).

Wazuh v3.3.0 - Kibana v6.2.4 - Revision 395

Fixed

  • Fixed a bug on the Agent Configuration tab where the sync status was always NOT SYNCHRONIZED (#569).

Wazuh v3.3.0 - Kibana v6.2.4 - Revision 394

Added

  • Support for Wazuh v3.3.0.
  • Updated some backend API calls to include the app version in the request header (#560).

Wazuh v3.2.4 - Kibana v6.2.4 - Revision 393

Added

  • Brand-new Wazuh app redesign for Overview and Agents tabs (#543):
    • Updated UI for these tabs using breadcrumbs.
    • New Welcome screen, presenting all the tabs to the user, with useful links to our documentation.
    • Overall design improved, adjusted font sizes and reduced HTML code.
    • This base will allow the app to increase its functionality in the future.
    • Removed the md-nav-bar component for a better user experience on small screens.
    • Improved app performance removing some CSS effects from some components, such as buttons.
  • New filter for agent version on the Agents Preview tab (#537).
  • New filter for cluster node on the Agents Preview tab (#538).

Changed

  • Now the report generation process will run in a parallel mode in the foreground (#523).
  • Replaced the usage of $rootScope with two new factories, along with more controller improvements (#525).
  • Now the Extensions tab on Settings won't edit the .wazuh index to modify the extensions configuration for all users (#545).
    • This allows each new user to always start with the base extensions configuration, and modify it to its needs storing the settings on a browser cookie.
  • Now the GDPR requirements description on its tab won't be loaded if the Wazuh API version is not v3.2.3 or higher (#546).

Fixed

  • Fixed a bug where the app crashes when attempting to download huge amounts of data as CSV format (#521).
  • Fixed a bug on the Timelion visualizations from Management/Monitoring which were not properly filtering and showing the cluster nodes information (#530).
  • Fixed several bugs on the loading process when switching between tabs with or without visualizations in the Overview and Agents tab (#531 & #533).
  • Fixed a bug on the wazuh-monitoring index feature when using multiple inserted APIs, along with several performance improvements (#539).
  • Fixed a bug where the OS filter on the Agents Preview tab would exclude the rest of filters instead of combining them (#552).
  • Fixed a bug where the Extensions settings were restored every time the user opened the Settings tab or pressed the Set default manager button (#555 & #556).

Wazuh v3.2.3/v3.2.4 - Kibana v6.2.4 - Revision 392

Added

  • Support for Wazuh v3.2.4.
  • New functionality - Reporting (#510):
    • Generate PDF logs on the Overview and Agents tabs, with the new button next to Panels and Discover.
    • The report will contain the current visualizations from the tab where you generated it.
    • List all your generated reports, download or deleted them at the new Management/Reporting tab.
    • Warning: If you leave the tab while generating a report, the process will be aborted.
  • Added warning/error messages about the total RAM on the server side (#502):
    • None of this messages will prevent the user from accessing the app, it's just a recommendation.
    • If your server has less than 2GB of RAM, you'll get an error message when opening the app.
    • If your server has between 2GB and 3GB of RAM, you'll get a warning message.
    • If your server has more than 3GB of RAM, you won't get any kind of message.
  • Refactoring and added loading bar to Manager Logs and Groups tabs (#505).
  • Added more Syscheck options to Management/Agents configuration tabs (#509).

Fixed

  • Added more fields to the known-fields.js file to avoid warning messages on Discover when using Filebeat for alerts forwarding (#497).
  • Fixed a bug where clicking on the Check connection button on the Settings tab threw an error message although the API connected successfully (#504).
  • Fixed a bug where the Agents tab was not properly showing the total of agents due to the new Wazuh cluster implementation (#517).

Wazuh v3.2.3 - Kibana v6.2.4 - Revision 391

Added

  • Support for Wazuh v3.2.3.
  • Brand-new extension - GDPR Alerts (#453):
    • A new extension, enabled by default.
    • Visualize alerts related to the GDPR compliance on the Overview and Agents tabs.
    • The Ruleset tab has been updated to include GDPR filters on the Rules subtab.
  • Brand-new Management tab - Monitoring (#490):
    • Visualize your Wazuh cluster, both master and clients.
      • Get the current cluster configuration.
      • Nodes listing, sorting, searching, etc.
    • Get a more in-depth cluster status thanks to the newly added Timelion visualizations.
    • The Detail view gives you a summary of the node's healthcheck.
  • Brand-new tab - Dev tools (#449):
    • Find it on the top navbar, next to Discover.
    • Execute Wazuh API requests directly from the app.
    • This tab uses your currently selected API from Settings.
    • You can type different API requests on the input window, select one with the cursor, and click on the Play button to execute it.
    • You can also type comments on the input window.
  • More improvements for the Manager/Ruleset tab (#446):
    • A new colour palette for regex, order and rule description arguments.
    • Added return to List view on Ruleset button while on Detail view.
    • Fixed line height on all table headers.
    • Removed unused, old code from Ruleset controllers.
  • Added option on config.yml to enable/disable the wazuh-monitoring index (#441):
    • Configure the frequency time to generate new indices.
    • The default frequency time has been increased to 1 hour.
    • When disabled, useful metrics will appear on Overview/General replacing the Agent status visualization.
  • Added CSV exporting button to the app (#431):
    • Implemented new logic to fetch data from the Wazuh API and download it in CSV format.
    • Currently available for the Ruleset, Logs and Groups sections on the Manager tab and also the Agents tab.
  • More refactoring to the app backend (#439):
    • Standardized error output from the server side.
    • Drastically reduced the error management logic on the client side.
    • Applied the Facade pattern when importing/exporting modules.
    • Deleted unused/deprecated/useless methods both from server and client side.
    • Some optimizations to variable type usages.
  • Refactoring to Kibana filters management (#452 & #459):
    • Added new class to build queries from the base query.
    • The filter management is being done on controllers instead of the discover directive.
    • Now we are emitting specific events whenever we are fetching data or communicating to the discover directive.
    • The number of useless requests to fetch data has been reduced.
    • The synchronization actions are working as expected regardless the amount of data and/or the number of machine resources.
    • Fixed several bugs about filter usage and transition to different app tabs.
  • Added confirmation message when the user deletes an API entry on Settings/API (#428).
  • Added support for filters on the Manager/Logs tab when realtime is enabled (#433).
  • Added more filter options to the Detail view on Manager/Ruleset (#434).

Changed

  • Changed OSCAP visualization to avoid clipping issues with large agent names (#429).
  • Now the related Rules or Decoders sections on Manager/Ruleset will remain hidden if there isn't any data to show or while it's loading (#434).
  • Added a 200ms delay when fetching iterable data from the Wazuh API (#445 & #450).
  • Fixed several bugs related to Wazuh API timeout/cancelled requests (#445).
  • Added ENOTFOUND, EHOSTUNREACH, EINVAL, EAI_AGAIN options for API URL parameter checking (#463).
  • Now the Settings/Extensions subtab won't appear unless there's at least one API inserted (#465).
  • Now the index pattern selector on Settings/Pattern will also refresh the known fields when changing it (#477).
  • Changed the Manager tab into Management (#490).

Fixed

  • Fixed a bug where toggling extensions after deleting an API entry could lead into an error message (#465).
  • Fixed some performance bugs on the dataHandler service (#442 & #486).
  • Fixed a bug when loading the Agents preview tab on Safari web browser (#447).
  • Fixed a bug where a new extension (enabled by default) appears disabled when updating the app (#456).
  • Fixed a bug where pressing the Enter key on the Discover's tab search bar wasn't working properly (#488).

Removed

  • Removed the rison dependency from the package.json file (#452).
  • Removed unused Elasticsearch request to avoid problems when there's no API inserted (#460).

Wazuh v3.2.1/v3.2.2 - Kibana v6.2.4 - Revision 390

Added

  • Support for Wazuh v3.2.2.
  • Refactoring on visualizations use and management (#397):
    • Visualizations are no longer stored on an index, they're built and loaded on demand when needed to render the interface.
    • Refactoring on the whole app source code to use the import/export paradigm.
    • Removed old functions and variables from the old visualization management logic.
    • Removed cron task to clean remaining visualizations since it's no longer needed.
    • Some Kibana functions and modules have been overridden in order to make this refactoring work.
      • This change is not intrusive in any case.
  • New redesign for the Manager/Ruleset tab (#420):
    • Rules and decoders list now divided into two different sections: List view and Detail view.
    • Removed old expandable tables to move the rule/decoder information into a new space.
    • Enable different filters on the detail view for a better search on the list view.
    • New table for related rules or decoders.
    • And finally, a bunch of minor design enhancements to the whole app.
  • Added a copyright notice to the whole app source code (#395).
  • Updated .gitignore with the Node template (#395).
  • Added new module to the package.json file, rison (#404).
  • Added the errorHandler service to the blank screen scenario (#413):
    • Now the exact error message will be shown to the user, instead of raw JSON content.
  • Added new option on the config.yml file to disable the new X-Pack RBAC capabilities to filter index-patterns (#417).

Changed

  • Small minor enhancements to the user interface (#396):
    • Reduced Wazuh app logo size.
    • Changed buttons text to not use all-capitalized letters.
    • Minor typos found in the HTML/CSS code have been fixed.
  • Now the app log stores the package revision (#417).

Fixed

  • Fixed bug where the Agents tab didn't preserve the filters after reloading the page (#404).
  • Fixed a bug when using X-Pack that sometimes threw an error of false "Not enough privileges" scenario (#415).
  • Fixed a bug where the Kibana Discover auto-refresh functionality was still working when viewing the Agent configuration tab (#419).

Wazuh v3.2.1 - Kibana v6.2.4 - Revision 389

Changed

  • Changed severity and verbosity to some log messages (#412).

Fixed

  • Fixed a bug when using the X-Pack plugin without security capabilities enabled (#403).
  • Fixed a bug when the app was trying to create wazuh-monitoring indices without checking the existence of the proper template (#412).

Wazuh v3.2.1 - Kibana v6.2.4 - Revision 388

Added

  • Support for Elastic Stack v6.2.4.
  • App server fully refactored (#360):
    • Added new classes, reduced the amount of code, removed unused functions, and several optimizations.
    • Now the app follows a more ES6 code style on multiple modules.
    • Overview/Agents visualizations have been ordered into separated files and folders.
    • Now the app can use the default index defined on the /ect/kibana/kibana.yml file.
    • Better error handling for the visualizations directive.
    • Added a cron job to delete remaining visualizations on the .kibana index if so.
    • Also, we've added some changes when using the X-Pack plugin:
      • Better management of users and roles in order to use the app capabilities.
      • Prevents app loading if the currently logged user has no access to any index pattern.
  • Added the errorHandler service to the dataHandler factory (#340).
  • Added Syscollector section to Manager/Agents Configuration tabs (#359).
  • Added cluster.name field to the wazuh-monitoring index (#377).

Changed

  • Increased the query size when fetching the index pattern list (#339).
  • Changed active colour for all app tables (#347).
  • Changed validation regex to accept URLs with non-numeric format (#353).
  • Changed visualization removal cron task to avoid excessive log messages when there weren't removed visualizations (#361).
  • Changed filters comparison for a safer access (#383).
  • Removed some server.log messages to avoid performance errors (#384).
  • Changed the way of handling the index patterns list (#360).
  • Rewritten some false error-level logs to just information-level ones (#360).
  • Changed some files from JSON to CommonJS for performance improvements (#360).
  • Replaced some code on the kibana-discover directive with a much cleaner statement to avoid issues on the Agents tab (#394).

Fixed

  • Fixed a bug where several agent.id filters were created at the same time when navigating between Agents and Groups with different selected agents (#342).
  • Fixed logic on the index-pattern selector which wasn't showing the currently selected pattern the very first time a user opened the app (#345).
  • Fixed a bug on the errorHandler service who was preventing a proper output of some Elastic-related backend error messages (#346).
  • Fixed panels flickering in the Settings tab (#348).
  • Fixed a bug in the shards and replicas settings when the user sets the value to zero (0) (#358).
  • Fixed several bugs related to the upgrade process from Wazuh 2.x to the new refactored server (#363).
  • Fixed a bug in Discover/Agents VirusTotal tabs to avoid conflicts with the agent.name field (#379).
  • Fixed a bug on the implicit filter in Discover/Agents PCI tabs (#393).

Removed

  • Removed clear API password on checkPattern response (#339).
  • Removed old dashboard visualizations to reduce loading times (#360).
  • Removed some unused dependencies due to the server refactoring (#360).
  • Removed completely metricService from the app (#389).

Wazuh v3.2.1 - Kibana v6.2.2/v6.2.3 - Revision 387

Added

  • New logging system (#307):
    • New module implemented to write app logs.
    • Now a trace is stored every time the app is re/started.
    • Currently, the initialize.js and monitoring.js files work with this system.
    • Note: the logs will live under /var/log/wazuh/wazuhapp.log on Linux systems, on Windows systems they will live under kibana/plugins/. It rotates the log whenever it reaches 100MB.
  • Better cookies handling (#308):
    • New field on the .wazuh-version index to store the last time the Kibana server was restarted.
    • This is used to check if the cookies have consistency with the current server status.
    • Now the app is clever and takes decisions depending on new consistency checks.
  • New design for the Agents/Configuration tab (#310):
    • The style is the same as the Manager/Configuration tab.
    • Added two more sections: CIS-CAT and Commands (#315).
    • Added a new card that will appear when there's no group configuration at all (#323).
  • Added "group" column on the agents list in Agents (#312):
    • If you click on the group, it will redirect the user to the specified group in Manager/Groups.
  • New option for the config.yml file, ip.selector (#313):
    • Define if the app will show or not the index pattern selector on the top navbar.
    • This setting is set to true by default.
  • More CSS cleanup and reordering (#315):
    • New typography.less file.
    • New layout.less file.
    • Removed cleaned.less file.
    • Reordering and cleaning of existing CSS files, including removal of unused classes, renaming, and more.
    • The Settings tab has been refactored to correct some visual errors with some card components.
    • Small refactoring to some components from Manager/Ruleset (#323).
  • New design for the top navbar (#326):
    • Cleaned and refactored code
    • Revamped design, smaller and with minor details to follow the rest of Wazuh app guidelines.
  • New design for the wz-chip component to follow the new Wazuh app guidelines (#323).
  • Added more descriptive error messages when the user inserts bad credentials on the Add new API form in the Settings tab (#331).
  • Added a new CSS class to truncate overflowing text on tables and metric ribbons (#332).
  • Support for Elastic Stack v6.2.2/v6.2.3.

Changed

  • Improved the initialization system (#317):
    • Now the app will re-create the index-pattern if the user deletes the currently used by the Wazuh app.
    • The fieldset is now automatically refreshed if the app detects mismatches.
    • Now every index-pattern is dynamically formatted (for example, to enable the URLs in the Vulnerabilities tab).
    • Some code refactoring for a better handling of possible use cases.
    • And the best thing, it's no longer needed to insert the sample alert!
  • Improvements and changes to index-patterns (#320 & #333):
    • Added a new route, /get-list, to fetch the index pattern list.
    • Removed and changed several functions for a proper management of index-patterns.
    • Improved the compatibility with user-created index-patterns, known to have unpredictable IDs.
    • Now the app properly redirects to /blank-screen if the length of the index patterns list is 0.
    • Ignored custom index patterns with auto-generated ID on the initialization process.
      • Now it uses the value set on the config.yml file.
    • If the index pattern is no longer available, the cookie will be overwritten.
  • Improvements to the monitoring module (#322):
    • Minor refactoring to the whole module.
    • Now the wazuh-monitoring index pattern is regenerated if it's missing.
    • And the best thing, it's no longer needed to insert the monitoring template!
  • Now the app health check system only checks if the API and app have the same major.minor version (#311):
    • Previously, the API and app had to be on the same major.minor.patch version.
  • Adjusted space between title and value in some cards showing Manager or Agent configurations (#315).
  • Changed red and green colours to more saturated ones, following Kibana style (#315).

Fixed

  • Fixed bug in Firefox browser who was not properly showing the tables with the scroll pagination functionality (#314).
  • Fixed bug where visualizations weren't being destroyed due to ongoing renderization processes (#316).
  • Fixed several UI bugs for a better consistency and usability (#318).
  • Fixed an error where the initial index-pattern was not loaded properly the very first time you enter the app (#328).
  • Fixed an error message that appeared whenever the app was not able to found the wazuh-monitoring index pattern (#328).

Wazuh v3.2.1 - Kibana v6.2.2 - Revision 386

Added

  • New design for the Manager/Groups tab (#295).
  • New design for the Manager/Configuration tab (#297).
  • New design of agents statistics for the Agents tab (#299).
  • Added information ribbon into Overview/Agent SCAP tabs (#303).
  • Added information ribbon into Overview/Agent VirusTotal tabs (#306).
  • Added information ribbon into Overview AWS tab (#306).

Changed

  • Refactoring of HTML and CSS code throughout the whole Wazuh app (#294, #302 & #305):
    • A big milestone for the project was finally achieved with this refactoring.
    • We've removed the Bootstrap dependency from the package.json file.
    • We've removed and merged many duplicated rules.
    • We've removed HTML and angular-md overriding rules. Now we have more own-made classes to avoid undesired results on the UI.
    • Also, this update brings tons of minor bugfixes related to weird HTML code.
  • Wazuh app visualizations reviewed (#301):
    • The number of used buckets has been limited since most of the table visualizations were surpassing acceptable limits.
    • Some visualizations have been checked to see if they make complete sense on what they mean to show to the user.
  • Modified some app components for better follow-up of Kibana guidelines (#290 & #297).
    • Also, some elements were modified on the Discover tab in order to correct some mismatches.

Fixed

  • Adjusted information ribbon in Agents/General for large OS names (#290 & #294).
  • Fixed unsafe array access on the visualization directive when going directly into Manager/Ruleset/Decoders (#293).
  • Fixed a bug where navigating between agents in the Agents tab was generating duplicated agent.id implicit filters (#296).
  • Fixed a bug where navigating between different tabs from Overview or Agents while being on the Discover sub-tab was causing data loss in metric watchers (#298).
  • Fixed incorrect visualization of the rule level on Manager/Ruleset/Rules when the rule level is zero (0) (#298).

Removed

  • Removed almost every md-tooltip component from the whole app (#305).
  • Removed unused images from the img folder (#305).

Wazuh v3.2.1 - Kibana v6.2.2 - Revision 385

Added

  • Support for Wazuh v3.2.1.
  • Brand-new first redesign for the app user interface (#278):
    • This is the very first iteration of a work-in-progress UX redesign for the Wazuh app.
    • The overall interface has been refreshed, removing some unnecessary colours and shadow effects.
    • The metric visualizations have been replaced by an information ribbon under the filter search bar, reducing the amount of space they occupied.
      • A new service was implemented for a proper handling of the metric visualizations watchers (#280).
    • The rest of the app visualizations now have a new, more detailed card design.
  • New shards and replicas settings to the config.yml file (#277):
    • Now you can apply custom values to the shards and replicas for the .wazuh and .wazuh-version indices.
    • This feature only works before the installation process. If you modify these settings after installing the app, they won't be applied at all.

Changed

  • Now clicking again on the Groups tab on Manager will properly reload the tab and redirect to the beginning (#274).
  • Now the visualizations only use the vis-id attribute for loading them (#275).
  • The colours from the toast messages have been replaced to follow the Elastic 6 guidelines (#286).

Fixed

  • Fixed wrong data flow on Agents/General when coming from and going to the Groups tab (#273).
  • Fixed sorting on tables, now they use the sorting functionality provided by the Wazuh API (#274).
  • Fixed column width issues on some tables (#274).
  • Fixed bug in the Agent configuration JSON viewer who didn't properly show the full group configuration (#276).
  • Fixed excessive loading time from some Audit visualizations (#278).
  • Fixed Play/Pause button in timepicker's auto-refresh (#281).
  • Fixed unusual scenario on visualization directive where sometimes there was duplicated implicit filters when doing a search (#283).
  • Fixed some Overview Audit visualizations who were not working properly (#285).

Removed

  • Deleted the id attribute from all the app visualizations (#275).

Wazuh v3.2.0 - Kibana v6.2.2 - Revision 384

Added

  • New directives for the Wazuh app: wz-table, wz-table-header and wz-search-bar (#263):
    • Maintainable and reusable components for a better-structured app.
    • Several files have been changed, renamed and moved to new folders, following best practices.
    • The progress bar is now within its proper directive (#266).
    • Minor typos and refactoring changes to the new directives.
  • Support for Elastic Stack v6.2.2.

Changed

  • App buttons have been refactored. Unified CSS and HTML for buttons, providing the same structure for them (#269).
  • The API list on Settings now shows the latest inserted API at the beginning of the list (#261).
  • The check for the currently applied pattern has been improved, providing clever handling of Elasticsearch errors (#271).
  • Now on Settings, when the Add or Edit API form is active, if you press the other button, it will make the previous one disappear, getting a clearer interface (#9df1e31).

Fixed

  • Fixed visualizations directive to properly load the Manager/Ruleset visualizations (#262).
  • Fixed a bug where the classic extensions were not affected by the settings of the config.yml file (#266).
  • Fixed minor CSS bugs from the conversion to directives to some components (#266).
  • Fixed bug in the tables directive when accessing a member it doesn't exist (#266).
  • Fixed browser console log error when clicking the Wazuh logo on the app (#6647fbc).

Removed

  • Removed the kbn-dis directive from Manager/Ruleset (#262).
  • Removed the filters.js and kibana_fields_file.json files (#263).
  • Removed the implicitFilters service (#270).
  • Removed visualizations loading status trace from controllers and visualization directive (#270).

Wazuh v3.2.0 - Kibana v6.2.1 - Revision 383

Added

  • Support for Wazuh 3.2.0.
  • Compatibility with Kibana 6.1.0 to Kibana 6.2.1.
  • New tab for vulnerability detector alerts.

Changed

  • The app now shows the index pattern selector only if the list length is greater than 1.
    • If it's exactly 1 shows the index pattern without a selector.
  • Now the index pattern selector only shows the compatible ones.
    • It's no longer possible to select the wazuh-monitoring index pattern.
  • Updated Bootstrap to 3.3.7.
  • Improved filter propagation between Discover and the visualizations.
  • Replaced the login route name from /login to /wlogin to avoid conflict with X-Pack own login route.

Fixed

  • Several CSS bugfixes for better compatibility with Kibana 6.2.1.
  • Some variables changed for adapting new Wazuh API requests.
  • Better error handling for some Elastic-related messages.
  • Fixed browser console error from top-menu directive.
  • Removed undesired md-divider from Manager/Logs.
  • Adjusted the width of a column in Manager/Logs to avoid overflow issues with the text.
  • Fixed a wrong situation with the visualizations when we refresh the Manager/Rules tab.

Removed

  • Removed the travis.yml file.

Wazuh v3.1.0 - Kibana v6.1.3 - Revision 380

Added

  • Support for Wazuh 3.1.0.
  • Compatibility with Kibana 6.1.3.
  • New error handler for better app errors reporting.
  • A new extension for Amazon Web Services alerts.
  • A new extension for VirusTotal alerts.
  • New agent configuration tab:
    • Visualize the current group configuration for the currently selected agent on the app.
    • Navigate through the different tabs to see which configuration is being used.
    • Check the synchronization status for the configuration.
    • View the current group of the agent and click on it to go to the Groups tab.
  • New initial health check for checking some app components.
  • New YAML config file:
    • Define the initial index pattern.
    • Define specific checks for the healthcheck.
    • Define the default extensions when adding new APIs.
  • New index pattern selector dropdown on the top navbar.
    • The app will reload applying the new index pattern.
  • Added new icons for some sections of the app.

Changed

  • New visualizations loader, with much better performance.
  • Improved reindex process for the .wazuh index when upgrading from a 2.x-5.x version.
  • Adding 365 days expiring time to the cookies.
  • Change default behaviour for the config file. Now everything is commented with default values.
    • You need to edit the file, remove the comment mark and apply the desired value.
  • Completely redesigned the manager configuration tab.
  • Completely redesigned the groups tab.
  • App tables have now unified CSS classes.

Fixed

  • Play real-time button has been fixed.
  • Preventing duplicate APIs from feeding the wazuh-monitoring index.
  • Fixing the check manager connection button.
  • Fixing the extensions settings so they are preserved over time.
  • Much more error handling messages in all the tabs.
  • Fixed OS filters in agents list.
  • Fixed autocomplete lists in the agents, rules and decoders list so they properly scroll.
  • Many styles bugfixes for the different browsers.
  • Reviewed and fixed some visualizations not showing accurate information.

Removed

  • Removed index pattern configuration from the package.json file.
  • Removed unnecessary dependencies from the package.json file.

Wazuh v3.0.0 - Kibana v6.1.0 - Revision 371

Added

  • You can configure the initial index-pattern used by the plugin in the initialPattern variable of the app's package.json.
  • Auto .wazuh reindex from Wazuh 2.x - Kibana 5.x to Wazuh 3.x - Kibana 6.x.
    • The API credentials will be automatically migrated to the new installation.
  • Dynamically changed the index-pattern used by going to the Settings -> Pattern tab.
    • Wazuh alerts compatibility auto detection.
  • New loader for visualizations.
  • Better performance: now the tabs use the same Discover tab, only changing the current filters.
  • New Groups tab.
    • Now you can check your group configuration (search its agents and configuration files).
  • The Logs tab has been improved.
    • You can sort by field and the view has been improved.
  • Achieved a clearer interface with implicit filters per tab showed as unremovable chips.

Changed

  • Dynamically creating .kibana index if necessary.
  • Better integration with Kibana Discover.
  • Visualizations loaded at initialization time.
  • New sync system to wait for Elasticsearch JS.
  • Decoupling selected API and pattern from backend and moved to the client side.

Wazuh v2.1.0 - Kibana v5.6.1 - Revision 345

Added

  • Loading icon while Wazuh loads the visualizations.
  • Add/Delete/Restart agents.
  • OS agent filter

Changed

  • Using genericReq when possible.

Wazuh v2.0.1 - Kibana v5.5.1 - Revision 339

Changed

  • New index in Elasticsearch to save Wazuh set up configuration
  • Short URL's is now supported
  • A native base path from kibana.yml is now supported

Fixed

  • Search bar across panels now support parenthesis grouping
  • Several CSS fixes for IE browser