Update vulnerability index mappings #75

Merged
merged 3 commits into from
Dec 7, 2023
Add 'wazuh' custom field
AlexRuiz7 committed Dec 7, 2023
commit d90dbf52d791390bc30adcd757b29565648efcbb
18 changes: 8 additions & 10 deletions ecs/generate.sh
@@ -1,5 +1,8 @@
#!/bin/bash

set -e
set -u

# Function to display usage information
show_usage() {
echo "Usage: $0 <ECS_VERSION> <INDEXER_SRC> <MODULE> [--upload <URL>]"
@@ -12,20 +15,15 @@ show_usage() {

# Function to generate mappings
generate_mappings() {
ECS_VERSION="$1"
INDEXER_SRC="$2"
MODULE="$3"
UPLOAD="$4"
URL="$5"

IN_FILES_DIR="$INDEXER_SRC/ecs/$MODULE/fields"
OUT_DIR="$INDEXER_SRC/ecs/$MODULE/mappings/$ECS_VERSION"
local IN_FILES_DIR="$INDEXER_SRC/ecs/$MODULE/fields"
local OUT_DIR="$INDEXER_SRC/ecs/$MODULE/mappings/$ECS_VERSION"

# Ensure the output directory exists
mkdir -p "$OUT_DIR" || exit 1

# Generate mappings
python scripts/generator.py --strict --ref "$ECS_VERSION" \
--include "$IN_FILES_DIR/custom/wazuh.yml" \
--subset "$IN_FILES_DIR/subset.yml" \
--template-settings "$IN_FILES_DIR/template-settings.json" \
--template-settings-legacy "$IN_FILES_DIR/template-settings-legacy.json" \
@@ -55,8 +53,8 @@ generate_mappings() {

# Function to upload generated composable index template to the OpenSearch cluster
upload_mappings() {
OUT_DIR="$1"
URL="$2"
local OUT_DIR="$1"
local URL="$2"

echo "Uploading index template to the OpenSearch cluster"
for file in "$OUT_DIR/generated/elasticsearch/composable/component"/*.json; do
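Review bot: `generate_mappings` passes the new `--include "$IN_FILES_DIR/custom/wazuh.yml"` for every `MODULE`, but this commit adds that file only under `ecs/vulnerability-detector`, so a module without it would presumably fail in the generator; wrapping the flag in an `if [[ -f "$IN_FILES_DIR/custom/wazuh.yml" ]]` check would keep other modules working. The function also appears to stop assigning `ECS_VERSION`, `INDEXER_SRC` and `MODULE` from its arguments, so under the new `set -u` it depends on the caller having set those globals. The caller is outside the visible hunks, and a header comment such as `# Globals: ECS_VERSION, INDEXER_SRC, MODULE (read)` would make that contract explicit. The bodies of `generate_mappings` and `upload_mappings` continue outside the hunks shown.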
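--- a/ecs/vulnerability-detector/fields/custom/wazuh.yml
+++ b/ecs/vulnerability-detector/fields/custom/wazuh.yml
@@ -0,0 +1,11 @@
+---
+- name: wazuh
+title: Wazuh
+description: >
+Wazuh Inc. custom fields
+fields:
+- name: cluster.name
+type: keyword
+level: custom
+description: >
+Wazuh cluster name.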
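--- a/ecs/vulnerability-detector/fields/subset.yml
+++ b/ecs/vulnerability-detector/fields/subset.yml
@@ -15,3 +15,5 @@ fields:
 fields: "*"
 vulnerability:
 fields: "*"
+wazuh:
+fields: "*"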
Original file line number Diff line number Diff line change
@@ -25,7 +25,8 @@
"package.version",
"vulnerability.id",
"vulnerability.description.text",
"vulnerability.severity"
"vulnerability.severity",
"wazuh.cluster.name"
]
}
}
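--- a/ecs/vulnerability-detector/fields/template-settings.json
+++ b/ecs/vulnerability-detector/fields/template-settings.json
@@ -26,7 +26,8 @@
 "package.version",
 "vulnerability.id",
 "vulnerability.description.text",
-"vulnerability.severity"
+"vulnerability.severity",
+"wazuh.cluster.name"
 ]
 }
 }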