asteriscos commented 2 months ago

Description

As part of the legacy removal objective, we need to scan Wazuh dashboard repositories to identify and remove/adapt the following items:

Remove Ossec references: We need to delete any reference to Ossec.

Objective

https://github.com/wazuh/wazuh/issues/22888

yenienserrano commented 1 month ago

File	To change	Change to
package.json	keywords: ["opensearch_dashboards","wazuh","ossec"]
endpoints.json	Is updated with the script according to api data
group-input.tsx	Link: user-manual/reference/ossec-conf/client.html#groups
optionals-inputs.tsx	Link: user-manual/reference/ossec-conf/client.html#enrollment-agent-name
server-address.tsx	Link: user-manual/reference/ossec-conf/client.html#manager-address
register-agent-os-command-services.tsx	Command: sudo /Library/Ossec/bin/wazuh-control start
configuration-overview.js	Link: user-manual/reference/ossec-conf/index.html
active-response-active-response.js	Link: user-manual/reference/ossec-conf/active-response.html
active-response-agent.js	Link: user-manual/reference/ossec-conf/active-response.html
active-response-commands.js	Link: user-manual/reference/ossec-conf/commands.html
agentless.js	Link: user-manual/reference/ossec-conf/agentless.html
alerts-email-alerts.js	Link: user-manual/reference/ossec-conf/email-alerts.html
alerts-general.js	Link: user-manual/reference/ossec-conf/alerts.html
alerts-reports.js	Link: user-manual/reference/ossec-conf/reports.html
alerts-syslog-output.js	Link: user-manual/reference/ossec-conf/syslog-output.html
aws-s3/help-links.js	Link: user-manual/reference/ossec-conf/wodle-s3.html
azure-logs.js	Link: user-manual/reference/ossec-conf/wodle-azure-logs.html
cis-cat/help-links.js	Link: user-manual/reference/ossec-conf/wodle-ciscat.html
client.js	Link: user-manual/reference/ossec-conf/client.html
client-buffer.js	Link: user-manual/reference/ossec-conf/client-buffer.html
cluster.js	Link: user-manual/reference/ossec-conf/cluster.html
commands.js	Link: user-manual/reference/ossec-conf/wodle-command.html
docker-listener.js	Link: user-manual/reference/ossec-conf/wodle-docker.html
github.tsx	Link: user-manual/reference/ossec-conf/github-module.html
global-configuration-global.js	Link: user-manual/reference/ossec-conf/global.html
global-configuration-global.js	Link: user-manual/reference/ossec-conf/logging.html
global-configuration-remote.js	Link: user-manual/reference/ossec-conf/remote.html
google-cloud-pub-sub.js	Link: user-manual/reference/ossec-conf/gcp-pubsub.html
integragtions.js	Link: user-manual/reference/ossec-conf/integration.html
integrity-monitoring/help-links.js	Link: user-manual/reference/ossec-conf/syscheck.html
inventory.js	Link: user-manual/reference/ossec-conf/wodle-syscollector.html
log-collection/help-links.js	Link: user-manual/reference/ossec-conf/localfile.html
log-collection-sockets.js	Link: user-manual/reference/ossec-conf/socket.html
log-collection.test.tsx	Link: user-manual/reference/ossec-conf/socket.html
office365/constants.tsx	Link: user-manual/reference/ossec-conf/office365-module.html
open-scap/help-links.js	Link: user-manual/reference/ossec-conf/wodle-openscap.html
osquery.js	Link: user-manual/reference/ossec-conf/wodle-osquery.html
policy-monitoring/help-links.js	Link: user-manual/reference/ossec-conf/rootcheck.html
registration-service.js	Link: user-manual/reference/ossec-conf/auth.html
vulnerabilities/help-links.js	Link: user-manual/reference/ossec-conf/vuln-detector.html
logs.js	CSV file name wazuh-ossec-log	server-log
api-request-list.json	Is updated with the script according to api data
mitre.js	Sample data: rule name 0015-ossec_rules.xml	0015_server_rules.xml
osquery.js	Sample data: rule description: ...pack_ossec-rootkit_zk_rootkit...	pack_server-rootkit_zk_rootkit
agent-configuration.ts	Link: user-manual/reference/ossec-conf/client.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/labels.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/wodle-openscap.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/wodle-ciscat.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/wodle-osquery.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/wodle-syscollector.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/wodle-response.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/wodle-command.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/wodle-docker.html
agent-configuration.ts	Link: user-manual/reference/ossec-conf/syscheck.html
cypress wazuh agent: Dockerfile	workdir /var/ossec
cypress wazuh agent: entrypoint.sh	/var/ossec/etc/client.keys
cypress wazuh agent: entrypoint.sh	/var/ossec/etc/ossec.conf
cypress wazuh agent: entrypoint.sh	/var/ossec/bin/agent-auth
cypress wazuh agent: preloaded-vars.conf	/var/ossec
cypress wazuh agent: preloaded-vars.conf	/var/ossec
cypress wazuh manager: Dockerfile	workdir /var/ossec
cypress wazuh manager: entrypoint.sh	many times there is the word ossec
cypress wazuh manager: preloaded-vars.conf	/var/ossec
test/server/alerts	reference path /var/ossec/logs...
endpoints.json	Is updated with the script according to api data
mitre.js	Sample data: rule name 0015-ossec_rules.xml
osquery.js	Sample data: rule description: ...pack_ossec-rootkit_zk_rootkit...

JuanGarriuz commented 1 month ago

plugins/main/package.json

  "keywords": [
    "opensearch_dashboards",
    "wazuh",
    "ossec"
  ],

plugins/main/public/components/endpoints-summary/register-agent/services/register-agent-os-commands-services.tsx

wazuh-control removed from agents

export const getMacosStartCommand = (
  _props: tOSEntryProps<tOptionalParameters>,
) => {
  return `sudo /Library/Ossec/bin/wazuh-control start`;
};

scripts/wazuh-alerts-generator/lib/modules/mitre.js
plugins/main/server/lib/generate-alerts/sample-data/mitre.js

Ossec references are not really clear

wazuh / wazuh-dashboard

Adapt Dashboard repositories #233

Description

Objective