
Added new DB Limit on FIM configuration

Open Machi3mfl opened this issue 2 years ago • 1 comments

Hi Team, this adds a new DB limit tab in the FIM agent configuration. Close #3849

Machi3mfl avatar Mar 23 '22 17:03 Machi3mfl

| Code coverage (Jest) | % | values |
| --- | --- | --- |
| Statements | 6.89% | ( 2513 / 36485 ) |
| Branches | 2.72% | ( 769 / 28224 ) |
| Functions | 4.6% | ( 410 / 8920 ) |
| Lines | 6.97% | ( 2432 / 34908 ) |

github-actions[bot] avatar Nov 17 '22 17:11 github-actions[bot]

Scope

Added new blocks inside syscheck configuration (FIM configuration):

  • file_limit
  • registry_limit (only for Windows agent, hidden in manager configuration)
  • synchronization > thread_pool
```xml
<!-- ossec.conf -->
<syscheck>
  <!-- ... -->
  <file_limit>
    <enabled>yes</enabled>
    <entries>100000</entries>
  </file_limit>

  <registry_limit>
    <enabled>yes</enabled>
    <entries>100000</entries>
  </registry_limit>

  <synchronization>
    <!-- ... -->
    <thread_pool>1</thread_pool>
  </synchronization>
</syscheck>
```

1. Agent configuration

A. Windows agent

  • When the registry_limit block is added in agent ossec.conf


  • When the registry_limit block is not present in agent ossec.conf


B. Non-Windows agent

  • Check the new thread_pool in the Synchronization tab.


  • Check the new Files Limit tab


  • Check the new Registries Limit tab is hidden. Only available for Windows agents.

2. Manager configuration

  • Check the new thread_pool in the Synchronization tab.


  • Check the new Files Limit tab


  • Check the new Registries Limit tab is hidden. Only available for Windows agents.

Check when the file_limit or registry_limit blocks are removed


Machi3mfl avatar Mar 29 '23 16:03 Machi3mfl
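
An added example, not part of the PR or the plugin's code: reading the three settings from the comment above out of an ossec.conf that holds more than one `<ossec_config>` root, and reporting `registry_limit` only for a Windows agent, as the checklist does. The sample file, the function name `read_fim_limits` and the later-block-wins merge are assumptions made for this sketch.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the PR's syscheck snippet; it holds two
# <ossec_config> roots, so the file as a whole is not one XML document.
SAMPLE_OSSEC_CONF = """
<ossec_config><syscheck>
  <file_limit><enabled>yes</enabled><entries>100000</entries></file_limit>
  <registry_limit><enabled>no</enabled><entries>100000</entries></registry_limit>
  <synchronization><thread_pool>1</thread_pool></synchronization>
</syscheck></ossec_config>
<ossec_config><syscheck>
  <file_limit><entries>50000</entries></file_limit>
</syscheck></ossec_config>
"""

def read_fim_limits(conf_text, platform, is_manager=False):
    """Return file_limit, registry_limit and thread_pool as configured.

    A block that is absent is reported as None ("not configured").
    Assumption: when a setting appears in several blocks, the last one wins.
    """
    # Wrap the text in a synthetic root so multiple <ossec_config> roots parse.
    root = ET.fromstring(f"<root>{conf_text}</root>")
    result = {"file_limit": None, "registry_limit": None, "thread_pool": None}
    for syscheck in root.iter("syscheck"):
        for name in ("file_limit", "registry_limit"):
            block = syscheck.find(name)
            if block is None:
                continue
            merged = result[name] or {}
            enabled = block.findtext("enabled")
            entries = block.findtext("entries")
            if enabled is not None:
                merged["enabled"] = enabled.strip() == "yes"
            if entries is not None:
                merged["entries"] = int(entries)
            result[name] = merged
        threads = syscheck.findtext("synchronization/thread_pool")
        if threads is not None:
            result["thread_pool"] = int(threads)
    # The Registries limit tab is only shown for Windows agents.
    if is_manager or platform != "windows":
        result.pop("registry_limit")
    return result

if __name__ == "__main__":
    print(read_fim_limits(SAMPLE_OSSEC_CONF, "windows"))
```
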

| Code coverage (Jest) | % | values |
| --- | --- | --- |
| Statements | 8.85% | ( 3276 / 37006 ) |
| Branches | 4.51% | ( 1296 / 28725 ) |
| Functions | 7.7% | ( 706 / 9163 ) |
| Lines | 8.91% | ( 3159 / 35436 ) |

github-actions[bot] avatar Mar 31 '23 14:03 github-actions[bot]

Template test cases

7.10.2

Legend: :black_circle:: none :green_circle:: pass :yellow_circle:: warning :red_circle:: fail :white_circle:: not applicable

UI

| Test | Chrome | Firefox |
| --- | --- | --- |
| FIM Files limit enabled in agent config | :black_circle: | :black_circle: |
| FIM Files limit disabled in agent config | :black_circle: | :black_circle: |
| FIM Files limit enabled in manager config | :black_circle: | :black_circle: |
| FIM Files limit disabled in manager config | :black_circle: | :black_circle: |
| FIM Registries limit enabled in agent (windows) config | :black_circle: | :black_circle: |
| FIM Registries limit disabled in agent (windows) config | :black_circle: | :black_circle: |
| FIM Registries limit is hidden in manager config | :black_circle: | :black_circle: |
| FIM Registries limit is hidden in agent (no windows) config | :black_circle: | :black_circle: |
| FIM Synchronization new Number of threads field in agent config | :black_circle: | :black_circle: |
| FIM Synchronization new Number of threads field in manager config | :black_circle: | :black_circle: |

Details

:black_circle: FIM Files limit enabled in agent config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Files limit disabled in agent config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Files limit enabled in manager config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Files limit disabled in manager config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Registries limit enabled in agent (windows) config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Registries limit disabled in agent (windows) config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Registries limit is hidden in manager config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Registries limit is hidden in agent (no windows) config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Synchronization new Number of threads field in agent config

Chrome - :black_circle:

Firefox - :black_circle:

:black_circle: FIM Synchronization new Number of threads field in manager config

Chrome - :black_circle:

Firefox - :black_circle:

Machi3mfl avatar Mar 31 '23 18:03 Machi3mfl

Template test cases

7.10.2

Legend: :black_circle:: none :green_circle:: pass :yellow_circle:: warning :red_circle:: fail :white_circle:: not applicable

UI

| Test | Chrome | Firefox |
| --- | --- | --- |
| FIM Files limit enabled in agent config | 🟢 | :black_circle: |
| FIM Files limit disabled in agent config | 🟢 | :black_circle: |
| FIM Files limit enabled in manager config | 🟢 | :black_circle: |
| FIM Files limit disabled in manager config | 🟢 | :black_circle: |
| FIM Registries limit enabled in agent (windows) config | 🟢 | :black_circle: |
| FIM Registries limit disabled in agent (windows) config | 🟢 | :black_circle: |
| FIM Registries limit is hidden in manager config | 🟢 | :black_circle: |
| FIM Registries limit is hidden in agent (no windows) config | 🟢 | :black_circle: |
| FIM Synchronization new Number of threads field in agent config | 🟢 | :black_circle: |
| FIM Synchronization new Number of threads field in manager config | 🟢 | :black_circle: |

Details

🟢 FIM Files limit enabled in agent config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Files limit disabled in agent config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Files limit enabled in manager config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Files limit disabled in manager config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Registries limit enabled in agent (windows) config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Registries limit disabled in agent (windows) config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Registries limit is hidden in manager config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Registries limit is hidden in agent (no windows) config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Synchronization new Number of threads field in agent config

Chrome - 🟢


Firefox - :black_circle:

🟢 FIM Synchronization new Number of threads field in manager config

Chrome - 🟢


Firefox - :black_circle:

yenienserrano avatar Apr 03 '23 14:04 yenienserrano