wazuh-splunk icon indicating copy to clipboard operation
wazuh-splunk copied to clipboard

Published 20 hours ago verified publisher icon wazuh

Interactive guides for configuring extensions

Open pablotr9 opened this issue 5 years ago • 3 comments

Hi team, it's frustrating for the user opening a dashboard and see no alerts. Sometimes is due to the selected time range and that's fine but some modules need to be configured because they don't come pre-configured with Wazuh, here is where this ticket makes sense.

Proposals:

  • [x] Create a base component for any interactive guide for configuring modules.
  • [x] Add the ability to add the configuration for the module from the app.
  • [ ] The guide should be valid for both manager configurations (ossec.conf) and centralized configurations (agent.conf).

pablotr9 avatar Sep 03 '19 13:09 pablotr9

Update We are currently designing how should these interactive guides look like, some ideas: ejemplo2 ejemplo1

pablotr9 avatar Sep 12 '19 15:09 pablotr9

Update Configuration block for Syscheck, Command wodle and Localfile can now be generated following the different steps in the interactive guide as shown in this example: config

Currently working on improving the styling of the guide and adapting it to include more configuration sections

pablotr9 avatar Sep 17 '19 15:09 pablotr9

Update

  • Added new module guides: Osquery,Docker-Listener.
  • When the module needs additional steps, an info message is shown when the configuration block is generated: image
  • Created a new component to show a message when the user is in a specific dashboard and that module is not configured, example Docker Listener: When clicking on one of the groups the agents belongs to, the user is redirected to that agent.conf with the guide of that specific module opened: configinteracti

pablotr9 avatar Sep 20 '19 15:09 pablotr9