Make agents and commands indexes visible

Rename commands and agents indexes templates to wazuh-agents and wazuh-commands accordingly Update ECS documents Update .commands and .agents references
wazuh · Jan 23, 2025 · e2eb3ab · e2eb3ab
1 parent 12195a7
commit e2eb3ab
Show file tree

Hide file tree

Showing 9 changed files with 16 additions and 22 deletions.
diff --git a/ecs/agent/event-generator/event_generator.py b/ecs/agent/event-generator/event_generator.py
@@ -12,7 +12,7 @@
 GENERATED_DATA_FILE = 'generatedData.json'
 DATE_FORMAT = "%Y-%m-%dT%H:%M:%S.%fZ"
 # Default values
-INDEX_NAME = ".agents"
+INDEX_NAME = "wazuh-agents"
 USERNAME = "admin"
 PASSWORD = "admin"
 IP = "127.0.0.1"

diff --git a/ecs/agent/fields/template-settings-legacy.json b/ecs/agent/fields/template-settings-legacy.json
@@ -1,11 +1,10 @@
 {
   "index_patterns": [
-    ".agents*"
+    "wazuh-agents*"
   ],
   "order": 1,
   "settings": {
     "index": {
-      "hidden": true,
       "number_of_shards": "1",
       "number_of_replicas": "0",
       "refresh_interval": "5s",
@@ -20,4 +19,4 @@
       ]
     }
   }
-}
+}
diff --git a/ecs/agent/fields/template-settings.json b/ecs/agent/fields/template-settings.json
@@ -1,12 +1,11 @@
 {
   "index_patterns": [
-    ".agents*"
+    "wazuh-agents*"
   ],
   "priority": 1,
   "template": {
     "settings": {
       "index": {
-        "hidden": true,
         "number_of_shards": "1",
         "number_of_replicas": "0",
         "refresh_interval": "5s",
@@ -22,4 +21,4 @@
       }
     }
   }
-}
+}
diff --git a/ecs/command/event-generator/event_generator.py b/ecs/command/event-generator/event_generator.py
@@ -13,7 +13,7 @@
 GENERATED_DATA_FILE = 'generatedData.json'
 DATE_FORMAT = "%Y-%m-%dT%H:%M:%S.%fZ"
 # Default values
-INDEX_NAME = ".commands"
+INDEX_NAME = "wazuh-commands"
 USERNAME = "admin"
 PASSWORD = "admin"
 IP = "127.0.0.1"

diff --git a/ecs/command/fields/template-settings-legacy.json b/ecs/command/fields/template-settings-legacy.json
@@ -1,11 +1,10 @@
 {
   "index_patterns": [
-    ".commands*"
+    "wazuh-commands*"
   ],
   "order": 1,
   "settings": {
     "index": {
-      "hidden": true,
       "number_of_shards": "1",
       "number_of_replicas": "0",
       "refresh_interval": "5s",
@@ -17,4 +16,4 @@
       ]
     }
   }
-}
+}
diff --git a/ecs/command/fields/template-settings.json b/ecs/command/fields/template-settings.json
@@ -1,12 +1,11 @@
 {
   "index_patterns": [
-    ".commands*"
+    "wazuh-commands*"
   ],
   "priority": 1,
   "template": {
     "settings": {
       "index": {
-        "hidden": true,
         "number_of_shards": "1",
         "number_of_replicas": "0",
         "refresh_interval": "5s",
@@ -19,4 +18,4 @@
       }
     }
   }
-}
+}
diff --git a/ecs/docs/agents.md b/ecs/docs/agents.md
@@ -83,12 +83,11 @@ fields:
 
 ```json
 {
-  "index_patterns": [".agents*"],
+  "index_patterns": ["wazuh-agents*"],
   "priority": 1,
   "template": {
     "settings": {
       "index": {
-        "hidden": true,
         "number_of_shards": "1",
         "number_of_replicas": "0",
         "refresh_interval": "5s",

diff --git a/ecs/docs/commands.md b/ecs/docs/commands.md
@@ -5,7 +5,7 @@
 > rev 0.2 - September 30th, 2024: Change type of `request_id`, `order_id` and `id` to keyword.
 > rev 0.3 - October 3rd, 2024: Change descriptions for `command.type`, `command.action.type`, `command.request_id`, `command.order_id`.
 > rev 0.4 - October 9th, 2024: Apply changes described in https://github.com/wazuh/wazuh-indexer-plugins/issues/96#issue-2576028654.
-> rev 0.5 - December 3rd, 2024: Added `@timestamp` and `delivery_timestamp` date fields. 
+> rev 0.5 - December 3rd, 2024: Added `@timestamp` and `delivery_timestamp` date fields.
 
 ### Fields summary
 
@@ -146,12 +146,11 @@ fields:
 
 ```json
 {
-  "index_patterns": [".commands*"],
+  "index_patterns": ["wazuh-commands*"],
   "priority": 1,
   "template": {
     "settings": {
       "index": {
-        "hidden": true,
         "number_of_shards": "1",
         "number_of_replicas": "0",
         "refresh_interval": "5s",

diff --git a/test-tools/scripts/07_validate_command_manager.sh b/test-tools/scripts/07_validate_command_manager.sh
@@ -48,7 +48,7 @@ while [[ "$#" -gt 0 ]]; do
     shift
 done
 
-COMMANDS_INDEX=".commands"
+COMMANDS_INDEX="wazuh-commands"
 SRC="Engine"
 USR="TestUser"
 TRG_ID="TestTarget"
@@ -81,7 +81,7 @@ curl -s -k -u "$USERNAME:$PASSWORD" -X POST "https://$CLUSTER_IP:9200/_forcemerg
 sleep 2
 
 # Fetch the indices
-echo "Validating .commands index is created..."
+echo "Validating commands index is created..."
 INDICES_RESPONSE=$(curl -s -k -u "$USERNAME:$PASSWORD" "https://$CLUSTER_IP:9200/_cat/indices/.*?v")
 # shellcheck disable=SC2181
 if [ $? -ne 0 ]; then
@@ -98,7 +98,7 @@ fi
 sleep 5
 echo "Validate the command is created"
 # Validate the command was created
-SEARCH_RESPONSE=$(curl -s -k -u "$USERNAME:$PASSWORD" "https://$CLUSTER_IP:9200/.commands/_search")
+SEARCH_RESPONSE=$(curl -s -k -u "$USERNAME:$PASSWORD" "https://$CLUSTER_IP:9200/$COMMANDS_INDEX/_search")
 # Check if the request was successful
 # shellcheck disable=SC2181
 if [ $? -ne 0 ]; then