search

wazuh / wazuh-agent

Wazuh agent, the Wazuh agent for endpoints.
GNU Affero General Public License v3.0
27 stars 18 forks source link

Implement Daemon Mode for Windows #142

Closed vikman90 closed 1 month ago

vikman90 commented 1 month ago

Parent Issue:

Description

This task focuses on implementing the daemon (background service) mode of the Wazuh agent for Windows systems. The agent will need to function as a Windows service that can be managed using the standard Windows Service Manager interface.

Functional Requirements

  1. Implement the Wazuh agent as a Windows service using Windows Service API.
  2. Create a logging mechanism that writes to the Windows Event Viewer.
  3. Integrate the agent with the Windows Service Manager, enabling the following CLI commands:
    • wazuh-agent start (starts the agent service)
    • wazuh-agent status (checks if the agent is running as a service)
    • wazuh-agent stop (stops the agent service)
  4. The agent should handle Windows service events and control signals gracefully.

Non-Functional Requirements

Acceptance Criteria

  1. The agent correctly responds to start, stop, and status commands.
  2. Logs are appropriately stored in the Windows Event Viewer.
sdvendramini commented 1 month ago

18/09/2024

Understanding issue requirements and doing research on windows services implementation. Looked at the old wazuh-agent windows service code. Synch with team mates to develop the parts this issue and the Unix daemon issue have in common.

19/09/2024

Together with @aritosteles , we started the development of the common parts with the Unix daemon issue.

23/09/2024

I started the development of the windows services and run the firsts manual tests.

24/09/2024

Service install/remove methods are working. The method to query status is ready. The handler is defined for the stop and shutdown events that launch the corresponding signals to stop the agent previously with the existing signalhandler. This is useful for when the stop is done from the windows services or when the OS is shutdown. It is already possible to start the service manually, by starting the agent or executing the binary to launch the registry.

25/09/2024

I was working in the use of agent signals and in methods to start and stop the service.

26/09/2024

I was setting the configs needed on windows to run all the clang checks locally. I was refactoring the code and doing some manually tests.

27/09/2024

I have created the draft PR and coordinate with @aritosteles to keep only one main function and the same file to call the daemon/service functions.

30/09/2024

I have been trying to rearrange the code according to the changes in the unix daemon issue. But I have problems during the windows service main thread allocation. I have not managed to solve it yet.

01/10/2024

I've updated the PR and opened it for review. The code was reorganized according to the changes rebased from the base branch.

02/10/2024

I was working on the PR comments. I'm trying to enhance the way the service status changes because, after stopping it from the Windows Services UI, the service becomes disabled.

03/10/2024

I've completed the enhancement for the service status changes along with a few minor adjustments to the previous commits.