Compatibility with OpenSearch 2.4.0

[Machi3mfl]

Branch:

• https://github.com/wazuh/wazuh-kibana-app/tree/4.3.11-2.4.0

Description

We need to ensure UI compatibility with OpenSearch 2.4.0

For that, we need to:

• Create a new branch 4.3.11-2.4
• Upgrade winston dependency to the latest compatible version d12ca53 - Related Update dependencies #4956
• Remove angular-chart.js dependency a45ad98 - Related Update dependencies #4956
• Apply OSD 2.3.0 compatibility issues detailed in Compatibility with Wazuh indexer based on OpenSearch 2.3.0 #4160
• Make manual tests globally
• Check if is necessary SAML for the client

Issues to be applied

• Review custom styles for Kibana 7.9.0 #4480 19135bb
• Bump platform version to 2.3.0 #4683 54d951c
• Broken breadcrumbs in Wazuh Dashboard 2.x #4502 8dd590e
• Wrong behavior from the Flyout component in Wazuh Dashboard 2.x #4597 373653f
• Remove router Internal Error in server console #4650 2e987e4
• Test the plugin in Wazuh Dashboard #4740

[Machi3mfl]

Upgrade winston package made by @asteriscos

• Upgrade to the latest version error

Conclusion

• Updated to the compatible latest version winston V3.5.1

Utils docs

• https://github.com/winstonjs/winston/blob/v3.5.1/package.json#L69
• https://www.npmjs.com/package/winston?activeTab=dependencies

All these changes were applied on the 4.3.11-2.4.0 branch

[Machi3mfl]

Remove angular-chart.js dependency made by @yenienserrano

• Remove import 'angular-chart.js': line 24 of plugins/wazuh-kibana-app/public/app.js
• Remove 'chart.js' requirement: line 90 of plugins/wazuh-kibana-app/public/get_inner_angular.ts
• Remove import discoverTemplate from plugins/wazuh-kibana-app/public/kibana-integrations/kibana-discover.js: line 20 of ../templates/discover/discover.html
• Remove comment //discoverTemplate: line 45 of plugins/wazuh-kibana-app/public/kibana-integrations/kibana-discover.js
• Finally, remove the package angular-chart.js

All these changes were applied on the 4.3.11-2.4.0 branch

[Machi3mfl]

Plugin global manual tests

• Apply sample data en check data in dashboards

Peek.2022-12-06.12-51.mp4

• Rules, Decoders, Groups

Peek.2022-12-06.12-53.mp4

• Agents dashboard and detail

Peek.2022-12-06.12-55.mp4

• Devtools

Peek.2022-12-06.12-56.mp4

• Security: Rules, Roles, Policies, Roles Mapping

Peek.2022-12-06.12-58.mp4

• Settings

Peek.2022-12-06.13-06.mp4

[Desvelao]

Changes

Fixed:

• a problem related to the generation of CSV (in Rules, Decoders) due to a typo in a variable.
• missing use of status codes instead of internal server error fallback.
  Added:
• Changelog with the changes pointing to the commits

[Desvelao]

Testing

Tested with custom Wazuh dashboard and indexer packages:

[Tostti]

Testing

Tested packages in a Virtual machine. No issues were found during these tests.

Virtual environment info

root@test:/home/wazuh# cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.1 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

root@test:/home/wazuh# free -h
               total        used        free      shared  buff/cache   available
Mem:           7.8Gi       2.1Gi       1.5Gi       1.0Mi       4.2Gi       5.4Gi
Swap:          2.0Gi          0B       2.0Gi

root@test:/home/wazuh# df --total -h
Filesystem                         Size  Used Avail Use% Mounted on
tmpfs                              795M  1.2M  794M   1% /run
/dev/mapper/ubuntu--vg-ubuntu--lv   12G  7.9G  2.9G  74% /
tmpfs                              3.9G  284K  3.9G   1% /dev/shm
tmpfs                              5.0M     0  5.0M   0% /run/lock
/dev/sda2                          2.0G  127M  1.7G   7% /boot
tmpfs                              795M  4.0K  795M   1% /run/user/1000
total                               19G  8.0G   10G  45% -

root@test:/home/wazuh# lscpu
Architecture:            x86_64
  CPU op-mode(s):        32-bit, 64-bit
  Address sizes:         39 bits physical, 48 bits virtual
  Byte Order:            Little Endian
CPU(s):                  4
  On-line CPU(s) list:   0-3
Vendor ID:               GenuineIntel
  Model name:            Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
    CPU family:          6
    Model:               158
    Thread(s) per core:  1
    Core(s) per socket:  4
    Socket(s):           1
    Stepping:            9
    BogoMIPS:            8399.99
    Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_kno
                         wn_freq pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 movbe popcnt aes rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single pti fsgsbase bmi1 bmi2 invpcid rdseed clflushopt md_clea
                         r flush_l1d arch_capabilities
Virtualization features:
  Hypervisor vendor:     KVM
  Virtualization type:   full
Caches (sum of all):
  L1d:                   128 KiB (4 instances)
  L1i:                   128 KiB (4 instances)
  L2:                    1 MiB (4 instances)
  L3:                    32 MiB (4 instances)
NUMA:
  NUMA node(s):          1
  NUMA node0 CPU(s):     0-3
Vulnerabilities:
  Itlb multihit:         KVM: Mitigation: VMX unsupported
  L1tf:                  Mitigation; PTE Inversion
  Mds:                   Mitigation; Clear CPU buffers; SMT Host state unknown
  Meltdown:              Mitigation; PTI
  Mmio stale data:       Mitigation; Clear CPU buffers; SMT Host state unknown
  Retbleed:              Vulnerable
  Spec store bypass:     Vulnerable
  Spectre v1:            Mitigation; usercopy/swapgs barriers and __user pointer sanitization
  Spectre v2:            Mitigation; Retpolines, STIBP disabled, RSB filling, PBRSB-eIBRS Not affected
  Srbds:                 Unknown: Dependent on hypervisor status
  Tsx async abort:       Not affected