wazuh
wazuh copied to clipboard
Published
20 hours ago •
wazuh
wazuh
Add RSync and DBSync to FIM
| Related issue |
|---|
| #9103 |
Description
Hi team,
With this PR, we have started the unification of the DB management between different processes, specifically we have implemented the generic libraries RSync and DBSync for the management of the FIM databases.
For this, the diagrams found in the issue description have been used as a reference (#9103).
For the development of the project, the following steps have been carried out:
- Modified the folder structure to use
CMakein the building of the FIM module. - Created a new library to manage the database and create the necessary interfaces to connect to the FIM module.
- Added tests to check that everything works as expected in the new features:
-
C++unit tests to ensure that each module works fine on its own. -
C++component tests to make sure that each interface works properly. - Test tool to check via JSON configuration files the interfaces between the FIM module and its database.
-
- Modified the RTR tests to both add and run each of the new tests.
- Adapted existing tests.
- Adapted the existing Jenkins jobs to run the RTR with the new tests.
- Added the new library inside the Wazuh package, so that it compiles the package properly and includes the new changes.
- Updated the sync configuration in FIM
- Updated the database limits configuration in FIM
Configuration options
The following changes have been applied:
- Regarding the FIM database limits. It has included a new block to control the registry entry limit, as the current
<file_limit>.
<registry_limit>
<enabled>yes</enabled>
<entries>100000</entries>
<registries>100000</registries>
</registry_limit>
It is enabled by default but not included in the default configuration.
- Regarding the synchronization, it has been added a new setting called
thread_poolto specify the number of threads used by the FIM database synchronization.
<synchronization>
<thread_pool>1</thread_pool>
</synchronization>
The rest of the configuration remains as shown in the documentation: FIM configuration
RTR checks
<syscheckd>=============== Running RTR checks ===============<syscheckd>
<syscheckd>=============== Running cppcheck ===============<syscheckd>
[Cppcheck: PASSED]
<agent>=============== Running Make Deps ===============<agent>
[MakeDeps: PASSED]
<agent>=============== Running Make project ==============<agent>
[MakeTarget: PASSED]
[Cleanfolder : PASSED]
<syscheckd>=============== Running CMake Conf ===============<syscheckd>
[ConfigureCMake: PASSED]
<syscheckd>=============== Compiling library ===============<syscheckd>
[make: PASSED]
<syscheckd>=============== Running Tests ===============<syscheckd>
<syscheckd>[All tests: PASSED]<syscheckd>
<syscheckd>=============== Running Valgrind ===============<syscheckd>
<syscheckd>[Memory leak check: PASSED]<syscheckd>
<syscheckd>=============== Running Coverage ===============<syscheckd>
[Lines Coverage 99.3%: PASSED]
[Functions Coverage 100.0%: PASSED]
<syscheckd>=============== Running AStyle ===============<syscheckd>
[AStyle Check: PASSED]
<syscheckd>=============== Running ASAN ===============<syscheckd>
[ASAN: PASSED]
<syscheckd>=============== Running TEST TOOL for Windows =====<syscheckd>
[TEST TOOL for Windows: PASSED]
[TestTool check: PASSED]
<syscheckd>[RTR: PASSED]<syscheckd>
Tests
- Compilation without warnings in every supported platform (https://github.com/wazuh/wazuh/issues/11935)
- [x] Linux
- [x] Windows
- [x] MAC OS X
- [x] Solaris
- [x] HP-UX
- [x] AIX
- [x] Source installation
- [x] Package installation
- [x] Source upgrade
- [x] Package upgrade
- [x] Review logs syntax and correct language
- [x] QA templates contemplate the added capabilities
- Memory tests for Linux
- [x] Scan-build report
- [x] Coverity
- [x] Valgrind (memcheck and descriptor leaks check)
- [x] AddressSanitizer
- Memory tests for Windows
- [x] Scan-build report
- [x] Retrocompatibility with older Wazuh versions
- [x] Working on cluster environments
- [x] Configuration on demand reports new parameters
- [x] The data flow works as expected (agent-manager-api-app)
- [x] Added unit tests (for new features)
- [x] Stress test for affected components
