Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve interoperability of commands by changing action.args to object #618

Closed
3 of 4 tasks
Tracked by #349
AlexRuiz7 opened this issue Dec 23, 2024 · 0 comments · Fixed by #630 or wazuh/wazuh-indexer-plugins#209
Closed
3 of 4 tasks
Tracked by #349
Assignees
Labels
level/task Task issue mvp Minimum Viable Product type/enhancement Enhancement issue

Comments

@AlexRuiz7
Copy link
Member

AlexRuiz7 commented Dec 23, 2024

Description

Related issue: #349

Currently, the action.args fields of commands is an array, which fits good enough the existing use cases for the MVP phase. However, this data structure has proven to be insufficient / limited for more complex commands. For this reason, we are changing the action.args to object. The fields of this object are to be defined ad-hoc for each kind of command. The definition of these commands needs to be depicted by the @wazuh/devel-agent team. For now, we'll not validate or fix the fields under this object, so the commands index needs to be temporarily set to dynamic in order to accept any nested fields. The remaining fields are unchanged.

This change needs to be applied on agent, server and indexer.

{
    "orders": [
        {
            "action": {
                "args": {},
                "name": "restart",
                "version": "5.0.0"
            },
            "source": "Users/Services",
            "document_id": "A8-62pMBBmC6Jrvqj9kW",
            "user": "Management API",
            "target": {
                "id": "d5b250c4-dfa1-4d94-827f-9f99210dbe6c",
                "type": "agent"
            }
        }
    ]
}

Functional requirements

  • The commands.action.args field is an object.
  • The fields under commands.action.args are dynamic (any nested field is accepted).
  • The Wazuh Agent receives commands and the result arrives back to indexer.
  • The Command Manager API also receives the field as an object.

Implementation restrictions

  • The remaining fields are unchanged.

Plan

  • Update index model and documentation.
  • Update index template on the setup plugin and tooling.
  • Update Management API commands (orders) schema.
  • Update Agent commands (orders) schema.
@AlexRuiz7 AlexRuiz7 added level/task Task issue type/enhancement Enhancement issue labels Dec 23, 2024
@AlexRuiz7 AlexRuiz7 transferred this issue from wazuh/wazuh-indexer-plugins Dec 23, 2024
@AlexRuiz7 AlexRuiz7 changed the title Improve interopreability of commands by changing process.args to object Improve interopreability of commands by changing action.args to object Dec 23, 2024
@wazuhci wazuhci moved this to Backlog in Release 5.0.0 Dec 23, 2024
@AlexRuiz7 AlexRuiz7 added the mvp Minimum Viable Product label Dec 23, 2024
@AlexRuiz7 AlexRuiz7 changed the title Improve interopreability of commands by changing action.args to object Improve interoperability of commands by changing action.args to object Dec 27, 2024
@AlexRuiz7 AlexRuiz7 assigned f-galland and unassigned QU3B1M Jan 8, 2025
@wazuhci wazuhci moved this from Backlog to In progress in Release 5.0.0 Jan 8, 2025
@wazuhci wazuhci moved this from In progress to Pending review in Release 5.0.0 Jan 8, 2025
@wazuhci wazuhci moved this from Pending review to In progress in Release 5.0.0 Jan 9, 2025
@wazuhci wazuhci moved this from In progress to Pending review in Release 5.0.0 Jan 10, 2025
@wazuhci wazuhci moved this from Pending review to In review in Release 5.0.0 Jan 10, 2025
@wazuhci wazuhci moved this from In review to Pending final review in Release 5.0.0 Jan 10, 2025
@wazuhci wazuhci moved this from Pending final review to Done in Release 5.0.0 Jan 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
level/task Task issue mvp Minimum Viable Product type/enhancement Enhancement issue
Projects
Status: Done
3 participants