Add control to set-group and fetch-config actions #251
Test of "set-group" action
1. With an array of agent
Request:
{
"commands": [
{
"action": {
"name": "set-group",
"args": {
"groups": [
"group_1",
"group_2",
"group_N"
]
},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
{
"_index": "wazuh-commands",
"_documents": [
{
"_id": "3A2eqJQBLpqli8LcqBc5"
}
],
"result": "OK"
}
Document in index command:
{
"_index": "wazuh-commands",
"_id": "3A2eqJQBLpqli8LcqBc5",
"_score": 1,
"_source": {
"agent": {
"groups": [
"groups000"
]
},
"command": {
"source": "Engine",
"user": "USER-SET-GROUP-1",
"target": {
"type": "agent",
"id": "target4"
},
"action": {
"name": "set-group",
"args": {
"groups": [
"group_1",
"group_2",
"group_N"
]
},
"version": "v4"
},
"timeout": 30,
"status": "pending",
"order_id": "2w2eqJQBLpqli8LcqBc1",
"request_id": "2g2eqJQBLpqli8LcqBc1"
},
"@timestamp": "2025-01-27T16:35:57Z",
"delivery_timestamp": "2025-01-27T16:36:27Z"
}
}
2. With an array of agent and another attribute
Request:
{
"commands": [
{
"action": {
"name": "set-group",
"args": {
"groups": [
"group_1",
"group_2",
"group_N"
],
"arg1": 45
},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
{
"error": {
"root_cause": [
{
"type": "illegal_argument_exception",
"reason": "Incorrect request. An array of agents is expected in args."
}
],
"type": "illegal_argument_exception",
"reason": "Incorrect request. An array of agents is expected in args."
},
"status": 400
}
3. With an empty array in groups
Request:
{
"commands": [
{
"action": {
"name": "set-group",
"args": {
"groups": []
},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
{
"_index": "wazuh-commands",
"_documents": [
{
"_id": "1rSkqJQBxpy59GZ0wmxD"
}
],
"result": "OK"
}
Document in index command:
{
"_index": "wazuh-commands",
"_id": "1rSkqJQBxpy59GZ0wmxD",
"_score": 1,
"_source": {
"agent": {
"groups": [
"groups000"
]
},
"command": {
"source": "Engine",
"user": "USER-SET-GROUP-1",
"target": {
"type": "agent",
"id": "target4"
},
"action": {
"name": "set-group",
"args": {
"groups": []
},
"version": "v4"
},
"timeout": 30,
"status": "pending",
"order_id": "1bSkqJQBxpy59GZ0wmxA",
"request_id": "1LSkqJQBxpy59GZ0wmxA"
},
"@timestamp": "2025-01-27T16:42:37Z",
"delivery_timestamp": "2025-01-27T16:43:07Z"
}
}
4. With empty args object
Request:
{
"commands": [
{
"action": {
"name": "set-group",
"args": {
},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
{
"error": {
"root_cause": [
{
"type": "illegal_argument_exception",
"reason": "Incorrect request. An array of agents is expected in args."
}
],
"type": "illegal_argument_exception",
"reason": "Incorrect request. An array of agents is expected in args."
},
"status": 400
}
5. With any other attribute in args
Request:
{
"commands": [
{
"action": {
"name": "set-group",
"args": {
"any": "/path/to/executable/arg6"
},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
{
"error": {
"root_cause": [
{
"type": "illegal_argument_exception",
"reason": "Incorrect request. An array of agents is expected in args."
}
],
"type": "illegal_argument_exception",
"reason": "Incorrect request. An array of agents is expected in args."
},
"status": 400
}

Test of "fetch-config" action
1. With empty args object
Request:
{
"commands": [
{
"action": {
"name": "fetch-config",
"args": {},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
{
"_index": "wazuh-commands",
"_documents": [
{
"_id": "LUCSqJQB-iqktn3Au96S"
}
],
"result": "OK"
}
Document in index command:
{
"_index": "wazuh-commands",
"_id": "LUCSqJQB-iqktn3Au96S",
"_score": 1,
"_source": {
"agent": {
"groups": [
"groups000"
]
},
"@timestamp": "2025-01-27T16:22:56Z",
"delivery_timestamp": "2025-01-27T16:23:26Z",
"command": {
"action": {
"args": {},
"name": "fetch-config",
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"order_id": "LECSqJQB-iqktn3Au96Q",
"request_id": "K0CSqJQB-iqktn3Au96Q",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
},
"status": "failure"
}
}
}
2. With any attribute in args object
Request:
{
"commands": [
{
"action": {
"name": "fetch-group",
"args": {
"groups": [
"group-1",
"gruop-2"
],
"other-string": "asdkoasdk_55",
"other-number": 16565.5
},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
Document in index command:
{
"_index": "wazuh-commands",
"_id": "pdatqJQBYNBuIuTXn0Gw",
"_score": 1,
"_source": {
"agent": {
"groups": [
"groups000"
]
},
"@timestamp": "2025-01-27T16:52:18Z",
"delivery_timestamp": "2025-01-27T16:52:48Z",
"command": {
"action": {
"args": {},
"name": "fetch-group",
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"order_id": "pNatqJQBYNBuIuTXn0Gr",
"request_id": "o9atqJQBYNBuIuTXn0Gq",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
},
"status": "failure"
}
}
}

Test of any other action
1. With empty args object
Request:
{
"commands": [
{
"action": {
"name": "any-action",
"args": {},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
{
"_index": "wazuh-commands",
"_documents": [
{
"_id": "kzPAqJQB8VpaqYLueJyY"
}
],
"result": "OK"
}
Document in index command:
{
"_index": "wazuh-commands",
"_id": "kzPAqJQB8VpaqYLueJyY",
"_score": 1,
"_source": {
"agent": {
"groups": [
"groups000"
]
},
"command": {
"source": "Engine",
"user": "USER-SET-GROUP-1",
"target": {
"type": "agent",
"id": "target4"
},
"action": {
"name": "any-action",
"args": {},
"version": "v4"
},
"timeout": 30,
"status": "pending",
"order_id": "kjPAqJQB8VpaqYLueJyX",
"request_id": "kTPAqJQB8VpaqYLueJyX"
},
"@timestamp": "2025-01-27T17:12:53Z",
"delivery_timestamp": "2025-01-27T17:13:23Z"
}
}
2. With any attribute in args object
Request:
{
"commands": [
{
"action": {
"name": "any-action",
"args": {
"groups": [
"group-1",
"gruop-2"
],
"other-string": "asdkoasdk_55",
"other-number": 16565.5
},
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
}
}
]
}
Response:
{
"_index": "wazuh-commands",
"_documents": [
{
"_id": "J--5qJQB46vf3V8zaC9S"
}
],
"result": "OK"
}
Document in index command:
{
"_index": "wazuh-commands",
"_id": "J--5qJQB46vf3V8zaC9S",
"_score": 1,
"_source": {
"agent": {
"groups": [
"groups000"
]
},
"@timestamp": "2025-01-27T17:05:10Z",
"delivery_timestamp": "2025-01-27T17:05:40Z",
"command": {
"action": {
"args": {
"other-number": 16565.5,
"groups": [
"group-1",
"gruop-2"
],
"other-string": "asdkoasdk_55"
},
"name": "any-action",
"version": "v4"
},
"source": "Engine",
"user": "USER-SET-GROUP-1",
"order_id": "Ju-5qJQB46vf3V8zaC9R",
"request_id": "Je-5qJQB46vf3V8zaC9R",
"timeout": 30,
"target": {
"id": "target4",
"type": "agent"
},
"status": "failure"
}
}
}
LGTM
This solution is not approved as it does not meet the requirements:
- Implementation of dedicated parser classes for each model, inheriting from the Args class, which serves as a generic parser.
- No unit tests.
- Code does not match the code style (spotless pre-commit hook was bypassed).
As an alternate solution, check 248-add-hard-validation-to-commands.
Description
Create a dedicated parser for set-group and fetch-config commands.
The set-group command accepts an array of strings within action.args, comprising the complete list of groups for this agent. In case of a mismatch on this command, the request will be rejected.
The fetch-config command accepts no arguments. In case of a mismatch on this command, mismatching values are ignored, and the request is accepted.
Issues Resolved
248
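
The two validation rules from the description, as an added Python example that is not the plugin's own code: set-group is validated strictly and rejected on mismatch, while fetch-config silently drops whatever it receives. All function and class names are hypothetical; accepting an empty groups array and rejecting extra keys follow the test results posted above.

```python
"""Added example: action.args validation as described for set-group and fetch-config."""
from copy import deepcopy


class RejectedCommand(ValueError):
    """Raised where the API would answer with HTTP 400."""


def parse_set_group(args):
    # Hard validation: args must be exactly {"groups": [<str>, ...]}.
    if not isinstance(args, dict) or set(args) != {"groups"}:
        raise RejectedCommand("args must contain only a 'groups' array")
    groups = args["groups"]
    if not isinstance(groups, list) or not all(isinstance(g, str) for g in groups):
        raise RejectedCommand("'groups' must be an array of strings")
    return {"groups": list(groups)}


def parse_fetch_config(args):
    # Soft validation: the command takes no arguments, so anything sent is dropped.
    return {}


# Hypothetical registry: one dedicated parser per action name.
PARSERS = {"set-group": parse_set_group, "fetch-config": parse_fetch_config}


def normalize_command(command):
    """Return a copy of the command with action.args validated for its action name."""
    out = deepcopy(command)
    action = out["action"]
    parser = PARSERS.get(action["name"])
    if parser is not None:
        action["args"] = parser(action.get("args", {}))
    return out  # actions without a dedicated parser keep their args unchanged


def make_command(name, args):
    # Constructed sample mirroring the request shape used in the tests above.
    return {"action": {"name": name, "args": args, "version": "v4"},
            "source": "Engine", "user": "USER-SET-GROUP-1", "timeout": 30,
            "target": {"id": "target4", "type": "agent"}}


def outcome(name, args):
    """'rejected', or the args that would be stored in the command document."""
    try:
        return normalize_command(make_command(name, args))["action"]["args"]
    except RejectedCommand:
        return "rejected"
```

Because fetch-config discards unexpected arguments instead of rejecting them, a malformed request leaves no error for the caller; logging the dropped keys is one way to keep that visible.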