def create_json_message(command: str = '', arguments: list = None, alert: dict = None) -> str: """Create the JSON message that will be sent. Function used when Wazuh agent version is >= 4.2.0. Parameters ---------- command : str Command running in the agent. If this value starts by !, then it refers to a script name instead of a command name. arguments : list Command arguments. alert : dict Alert data that will be sent with the AR command. Raises ------ WazuhError(1650) If the command is not specified. Returns ------- str Message that will be sent to the socket. """ if not command: raise WazuhError(1650) cluster_enabled = not read_cluster_config()['disabled'] node_name = get_node().get('node') if cluster_enabled else None msg_queue = json.dumps( create_wazuh_socket_message(origin={ 'name': node_name, 'module': common.origin_module.get() }, command=command, parameters={ 'extra_args': arguments if arguments else [], 'alert': alert if alert else {} })) return msg_queue
def test_read_cluster_config(): """Verify that read_cluster function returns, in this case, the default configuration.""" config = utils.read_cluster_config() assert config == default_cluster_config with patch('wazuh.core.cluster.utils.get_ossec_conf', side_effect=WazuhError(1001)): with pytest.raises(WazuhError, match='.* 3006 .*'): utils.read_cluster_config() with patch('wazuh.core.cluster.utils.get_ossec_conf', side_effect=KeyError(1)): with pytest.raises(WazuhError, match='.* 3006 .*'): utils.read_cluster_config() with patch('wazuh.core.cluster.utils.get_ossec_conf', return_value={'cluster': default_cluster_config}): utils.read_config.cache_clear() default_cluster_config.pop('hidden') default_cluster_config['disabled'] = 'no' config = utils.read_cluster_config() config_simple = utils.read_config() assert config == config_simple assert config == default_cluster_config default_cluster_config['node_type'] = 'client' config = utils.read_cluster_config() assert config == default_cluster_config default_cluster_config['disabled'] = 'None' with pytest.raises(WazuhError, match='.* 3004 .*'): utils.read_cluster_config() default_cluster_config['disabled'] = 'yes' config = utils.read_cluster_config() assert config == default_cluster_config default_cluster_config['port'] = 'None' with pytest.raises(WazuhError, match='.* 3004 .*'): utils.read_cluster_config()
# Copyright (C) 2015-2019, Wazuh Inc. # Created by Wazuh, Inc. <*****@*****.**>. # This program is a free software; you can redistribute it and/or modify it under the terms of GPLv2 from wazuh.core import common from wazuh.core.cluster import local_client from wazuh.core.cluster.cluster import get_node from wazuh.core.cluster.control import get_health, get_nodes from wazuh.core.cluster.utils import get_cluster_status, read_cluster_config, read_config from wazuh.core.exception import WazuhError, WazuhResourceNotFound from wazuh.core.results import AffectedItemsWazuhResult from wazuh.rbac.decorators import expose_resources, async_list_handler cluster_enabled = not read_cluster_config()['disabled'] node_id = get_node().get('node') if cluster_enabled else None @expose_resources(actions=['cluster:read'], resources=[f'node:id:{node_id}']) def read_config_wrapper(): """ Wrapper for read_config :return: AffectedItemsWazuhResult """ result = AffectedItemsWazuhResult( all_msg='All selected information was returned', none_msg='No information was returned') try: result.affected_items.append(read_config()) except WazuhError as e: result.add_failed_item(id_=node_id, error=e) result.total_affected_items = len(result.affected_items)
from typing import Union from wazuh.core import common, configuration from wazuh.core.InputValidator import InputValidator from wazuh.core.agent import WazuhDBQueryAgents, WazuhDBQueryGroupByAgents, WazuhDBQueryMultigroups, Agent, \ WazuhDBQueryGroup, get_agents_info, get_groups, core_upgrade_agents, get_rbac_filters, agents_padding, \ send_restart_command from wazuh.core.cluster.cluster import get_node from wazuh.core.cluster.utils import read_cluster_config from wazuh.core.exception import WazuhError, WazuhInternalError, WazuhException, WazuhResourceNotFound from wazuh.core.results import WazuhResult, AffectedItemsWazuhResult from wazuh.core.utils import chmod_r, chown_r, get_hash, mkdir_with_mode, md5, process_array, clear_temporary_caches from wazuh.core.wazuh_queue import WazuhQueue from wazuh.rbac.decorators import expose_resources cluster_enabled = not read_cluster_config(from_import=True)['disabled'] node_id = get_node().get('node') if cluster_enabled else None @expose_resources(actions=["agent:read"], resources=["agent:id:{agent_list}"], post_proc_func=None) def get_distinct_agents(agent_list: list = None, offset: int = 0, limit: int = common.database_limit, sort: str = None, search: str = None, fields: str = None, q: str = None) -> AffectedItemsWazuhResult: """Get all the different combinations that all system agents have for the selected fields. It also indicates the total number of agents that have each combination.