diff --git a/plugins/main/README.md b/plugins/main/README.md index 0d60d6fd32..8a0263c001 100644 --- a/plugins/main/README.md +++ b/plugins/main/README.md @@ -26,7 +26,6 @@ the Wazuh Indexer. The plugin provides the following capabilities: - Threat Detection and Response - Vulnerabilities: Discover what applications in your environment are affected by well-known vulnerabilities. - MITRE ATT&CK: Explore security alerts mapped to adversary tactics and techniques for better threat understanding. - - VirusTotal: Alerts resulting from VirusTotal analysis of suspicious files via an integration with their API. - Osquery: Osquery can be used to expose an operating system as a high-performance relational database. - Docker listener: Monitor and collect the activity from Docker containers such as creation, running, starting, stopping or pausing events. - Regulatory Compliance diff --git a/plugins/main/common/constants.ts b/plugins/main/common/constants.ts index 33e6bac766..12eca2799a 100644 --- a/plugins/main/common/constants.ts +++ b/plugins/main/common/constants.ts @@ -243,8 +243,6 @@ export const DATA_SOURCE_FILTER_CONTROLLED_MITRE_ATTACK_RULE = 'mitre-attack-rule'; export const DATA_SOURCE_FILTER_CONTROLLED_MITRE_ATTACK_RULE_ID = 'hidden-mitre-attack-rule-id'; -export const DATA_SOURCE_FILTER_CONTROLLED_VIRUSTOTAL_RULE_GROUP = - 'virustotal-rule-group'; export const DATA_SOURCE_FILTER_CONTROLLED_GOOGLE_CLOUD_RULE_GROUP = 'gcp-rule-group'; export const DATA_SOURCE_FILTER_CONTROLLED_MALWARE_DETECTION_RULE_GROUP = diff --git a/plugins/main/common/wazuh-modules.ts b/plugins/main/common/wazuh-modules.ts index 82eb87c3bf..f251c03f0d 100644 --- a/plugins/main/common/wazuh-modules.ts +++ b/plugins/main/common/wazuh-modules.ts 
@@ -99,12 +99,6 @@ export const WAZUH_MODULES = { description: 'Security events related to your Google Cloud Platform services, collected directly via GCP API.', // TODO GCP }, - virustotal: { - title: 'VirusTotal', - appId: 'virustotal', - description: - 'Alerts resulting from VirusTotal analysis of suspicious files via an integration with their API.', - }, mitre: { title: 'MITRE ATT&CK', appId: 'mitre-attack', diff --git a/plugins/main/public/components/add-modules-data/sample-data.tsx b/plugins/main/public/components/add-modules-data/sample-data.tsx index ee7ab442ca..4c9839ebec 100644 --- a/plugins/main/public/components/add-modules-data/sample-data.tsx +++ b/plugins/main/public/components/add-modules-data/sample-data.tsx @@ -37,7 +37,6 @@ import { malwareDetection, mitreAttack, office365, - virustotal, vulnerabilityDetection, } from '../../utils/applications'; @@ -51,7 +50,6 @@ const sampleSecurityInformationApplication = [ const sampleThreatDetectionApplication = [ vulnerabilityDetection.title, - virustotal.title, docker.title, mitreAttack.title, ]; diff --git a/plugins/main/public/components/common/data-source/pattern/alerts/index.ts b/plugins/main/public/components/common/data-source/pattern/alerts/index.ts index effcfe3e7b..c093c8a4fe 100644 --- a/plugins/main/public/components/common/data-source/pattern/alerts/index.ts +++ b/plugins/main/public/components/common/data-source/pattern/alerts/index.ts @@ -8,7 +8,6 @@ export * from './docker'; export * from './malware-detection'; export * from './vulnerabilities'; export * from './hipaa'; -export * from './virustotal'; export * from './nist-800-53'; export * from './mitre-attack'; export * from './pci-dss'; diff --git a/plugins/main/public/components/common/data-source/pattern/alerts/virustotal/index.ts b/plugins/main/public/components/common/data-source/pattern/alerts/virustotal/index.ts deleted file mode 100644 index ffed0ecacd..0000000000 
--- a/plugins/main/public/components/common/data-source/pattern/alerts/virustotal/index.ts
+++ /dev/null
@@ -1 +0,0 @@
-export * from './virustotal-data-source';
diff --git a/plugins/main/public/components/common/data-source/pattern/alerts/virustotal/virustotal-data-source.ts b/plugins/main/public/components/common/data-source/pattern/alerts/virustotal/virustotal-data-source.ts
deleted file mode 100644
index bd477527a1..0000000000
--- a/plugins/main/public/components/common/data-source/pattern/alerts/virustotal/virustotal-data-source.ts
+++ /dev/null
@@ -1,28 +0,0 @@
-import { tFilter } from '../../../index';
-import { DATA_SOURCE_FILTER_CONTROLLED_VIRUSTOTAL_RULE_GROUP } from '../../../../../../../common/constants';
-import { AlertsDataSource } from '../alerts-data-source';
-
-const VIRUSTOTAL_GROUP_KEY = 'rule.groups';
-const VIRUSTOTAL_GROUP_VALUE = 'virustotal';
-
-export class VirusTotalDataSource extends AlertsDataSource {
- constructor(id: string, title: string) {
- super(id, title);
- }
-
- getRuleGroupsFilter() {
- return super.getRuleGroupsFilter(
- VIRUSTOTAL_GROUP_KEY,
- VIRUSTOTAL_GROUP_VALUE,
- DATA_SOURCE_FILTER_CONTROLLED_VIRUSTOTAL_RULE_GROUP,
- );
- }
-
- getFixedFilters(): tFilter[] {
- return [
- ...super.getFixedFiltersClusterManager(),
- ...this.getRuleGroupsFilter(),
- ...super.getFixedFilters(),
- ];
- }
-}
diff --git a/plugins/main/public/components/common/modules/modules-defaults.tsx b/plugins/main/public/components/common/modules/modules-defaults.tsx
index 926216572a..0fc4b4b5bc 100644
--- a/plugins/main/public/components/common/modules/modules-defaults.tsx
+++ b/plugins/main/public/components/common/modules/modules-defaults.tsx
@@ -38,7 +38,6 @@ import { gdprColumns } from '../../overview/gdpr/events/gdpr-columns';
 import { tscColumns } from '../../overview/tsc/events/tsc-columns';
 import { githubColumns } from '../../overview/github/events/github-columns';
 import { mitreAttackColumns } from '../../overview/mitre/events/mitre-attack-columns';
-import { virustotalColumns } from '../../overview/virustotal/events/virustotal-columns';
 import { malwareDetectionColumns } from '../../overview/malware-detection/events/malware-detection-columns';
 import { WAZUH_VULNERABILITIES_PATTERN } from '../../../../common/constants';
 import {
@@ -55,7 +54,6 @@ import {
 DashboardAWS,
 DashboardOffice365,
 DashboardThreatHunting,
- DashboardVirustotal,
 DashboardGoogleCloud,
 DashboardVuls,
 InventoryVuls,
@@ -64,7 +62,6 @@ import {
 DockerDataSource,
 AlertsVulnerabilitiesDataSource,
 AWSDataSource,
- VirusTotalDataSource,
 FIMDataSource,
 GitHubDataSource,
 MalwareDetectionDataSource,
@@ -311,21 +308,6 @@ export const ModulesDefaults = {
 ],
 availableFor: ['manager', 'agent'],
 },
- virustotal: {
- tabs: [
- {
- id: 'dashboard',
- name: 'Dashboard',
- buttons: [ButtonExploreAgent, ButtonModuleGenerateReport],
- component: DashboardVirustotal,
- },
- renderDiscoverTab({
- tableColumns: virustotalColumns,
- DataSource: VirusTotalDataSource,
- }),
- ],
- availableFor: ['manager', 'agent'],
- },
 docker: {
 init: 'dashboard',
 tabs: [
diff --git a/plugins/main/public/components/overview/index.ts b/plugins/main/public/components/overview/index.ts
index 74f6becf54..03bc993a63 100644
--- a/plugins/main/public/components/overview/index.ts
+++ b/plugins/main/public/components/overview/index.ts
@@ -12,5 +12,4 @@ export { DashboardPCIDSS } from './pci/dashboards';
 export { DashboardOffice365 } from './office/dashboard';
 export { DashboardThreatHunting } from './threat-hunting/dashboard';
 export { DashboardTSC } from './tsc/dashboards';
-export { DashboardVirustotal } from './virustotal/dashboard';
 export { DashboardVuls, InventoryVuls } from './vulnerabilities';
diff --git a/plugins/main/public/components/overview/virustotal/dashboard/dashboard.tsx b/plugins/main/public/components/overview/virustotal/dashboard/dashboard.tsx
deleted file mode 100644
index 29cf0cff74..0000000000
--- a/plugins/main/public/components/overview/virustotal/dashboard/dashboard.tsx
+++ /dev/null
@@ -1,168 +0,0 @@ -import React, { useState, useEffect } from 'react'; -import { getPlugins } from '../../../../kibana-services'; -import { ViewMode } from '../../../../../../../src/plugins/embeddable/public'; -import { SearchResponse } from '../../../../../../../src/core/server'; -import { IndexPattern } from '../../../../../../../src/plugins/data/common'; -import { getDashboardPanels } from './dashboard_panels'; -import { I18nProvider } from '@osd/i18n/react'; -import useSearchBar from '../../../common/search-bar/use-search-bar'; -import { getKPIsPanel } from './dashboard_panels_kpis'; -import { - ErrorFactory, - ErrorHandler, - HttpError, -} from '../../../../react-services/error-management'; -import { withErrorBoundary } from '../../../common/hocs/error-boundary/with-error-boundary'; -import { SampleDataWarning } from '../../../visualize/components/sample-data-warning'; -import { - AlertsDataSourceRepository, - PatternDataSource, - tParsedIndexPattern, - useDataSource, -} from '../../../common/data-source'; -import { LoadingSearchbarProgress } from '../../../common/loading-searchbar-progress/loading-searchbar-progress'; -import { DiscoverNoResults } from '../../../common/no-results/no-results'; -import { VirusTotalDataSource } from '../../../common/data-source/pattern/alerts/virustotal/virustotal-data-source'; -import './virustotal_dashboard.scss'; -import { useReportingCommunicateSearchContext } from '../../../common/hooks/use-reporting-communicate-search-context'; -import { WzSearchBar } from '../../../common/search-bar'; - -const plugins = getPlugins(); - -const DashboardByRenderer = plugins.dashboard.DashboardContainerByValueRenderer; - -const DashboardVT: React.FC = () => { - const AlertsRepository = new AlertsDataSourceRepository(); - const { - filters, - dataSource, - fetchFilters, - fixedFilters, - isLoading: isDataSourceLoading, - fetchData, - setFilters, - } = useDataSource({ - DataSource: VirusTotalDataSource, - repository: AlertsRepository, - }); - 
- const [results, setResults] = useState({} as SearchResponse); - - const { searchBarProps } = useSearchBar({ - indexPattern: dataSource?.indexPattern as IndexPattern, - filters, - setFilters, - }); - const { query, absoluteDateRange } = searchBarProps; - - useReportingCommunicateSearchContext({ - isSearching: isDataSourceLoading, - totalResults: results?.hits?.total ?? 0, - indexPattern: dataSource?.indexPattern, - filters: fetchFilters, - query: query, - time: absoluteDateRange, - }); - - useEffect(() => { - if (isDataSourceLoading) { - return; - } - fetchData({ - query, - dateRange: absoluteDateRange, - }) - .then(results => { - setResults(results); - }) - .catch(error => { - const searchError = ErrorFactory.create(HttpError, { - error, - message: 'Error fetching data', - }); - ErrorHandler.handleError(searchError); - }); - }, [ - isDataSourceLoading, - JSON.stringify(fetchFilters), - JSON.stringify(query), - JSON.stringify(absoluteDateRange), - ]); - - return ( - - {isDataSourceLoading && !dataSource ? ( - - ) : ( - <> - - {!isDataSourceLoading && dataSource && results?.hits?.total > 0 ? ( - - ) : null} - {dataSource && results?.hits?.total === 0 ? ( - - ) : null} -
0 - ? '' - : 'wz-no-display' - }`} - > - - -
- - )} -
- ); -}; - -export const DashboardVirustotal = withErrorBoundary(DashboardVT); diff --git a/plugins/main/public/components/overview/virustotal/dashboard/dashboard_panels.ts b/plugins/main/public/components/overview/virustotal/dashboard/dashboard_panels.ts deleted file mode 100644 index 1ec019da2b..0000000000 --- a/plugins/main/public/components/overview/virustotal/dashboard/dashboard_panels.ts +++ /dev/null 
@@ -1,989 +0,0 @@ -import { DashboardPanelState } from '../../../../../../../../src/plugins/dashboard/public/application'; -import { EmbeddableInput } from '../../../../../../../../src/plugins/embeddable/public'; - -/* WARNING: The panel id must be unique including general and agents visualizations. Otherwise, the visualizations will not refresh when we pin an agent, because they are cached by id */ - -/* Overview visualizations */ - -const getVisStateTop5UniqueMaliciousFilesPerAgent = ( - indexPatternId: string, -) => { - return { - id: 'Wazuh-App-Overview-Virustotal-Malicious-Per-Agent', - title: 'Top 5 agents with unique malicious files', - type: 'pie', - params: { - type: 'pie', - addTooltip: true, - addLegend: true, - legendPosition: 'right', - isDonut: true, - labels: { - show: false, - values: true, - last_level: true, - truncate: 100, - }, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [ - { - meta: { - index: 'wazuh-alerts', - negate: true, - disabled: false, - alias: null, - type: 'phrase', - key: 'data.virustotal.malicious', - value: '0', - params: { - query: '0', - type: 'phrase', - }, - }, - query: { - match: { - 'data.virustotal.malicious': { - query: '0', - type: 'phrase', - }, - }, - }, - $state: { - store: 'appState', - }, - }, - ], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'cardinality', - schema: 'metric', - params: { field: 'data.virustotal.source.md5' }, - }, - { - id: '2', - enabled: true, - type: 'terms', - schema: 'segment', - params: { - field: 'agent.name', - size: 5, - order: 'desc', - orderBy: '1', - }, - }, - ], - }, - }; -}; - -const getVisStateLastScannedFiles = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Overview-Virustotal-Last-Files-Pie', - title: 'Last scanned files', - type: 'pie', - params: { - type: 
'pie', - addTooltip: true, - addLegend: true, - legendPosition: 'right', - isDonut: true, - labels: { - show: false, - values: true, - last_level: true, - truncate: 100, - }, - }, - uiState: { - vis: { legendOpen: true }, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: 'Files' }, - }, - { - id: '2', - enabled: true, - type: 'terms', - schema: 'segment', - params: { - field: 'data.virustotal.source.file', - size: 5, - order: 'desc', - orderBy: '1', - }, - }, - ], - }, - }; -}; - -const getVisStateAlertsEvolutionByAgents = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Overview-Virustotal-Alerts-Evolution', - title: 'Alerts evolution by agents', - type: 'histogram', - params: { - type: 'histogram', - grid: { categoryLines: false }, - categoryAxes: [ - { - id: 'CategoryAxis-1', - type: 'category', - position: 'bottom', - show: true, - style: {}, - scale: { type: 'linear' }, - labels: { show: true, filter: true, truncate: 100 }, - title: {}, - }, - ], - valueAxes: [ - { - id: 'ValueAxis-1', - name: 'LeftAxis-1', - type: 'value', - position: 'left', - show: true, - style: {}, - scale: { type: 'linear', mode: 'normal' }, - labels: { show: true, rotate: 0, filter: false, truncate: 100 }, - title: { text: 'Count' }, - }, - ], - seriesParams: [ - { - show: true, - type: 'histogram', - mode: 'stacked', - data: { label: 'Count', id: '1' }, - valueAxis: 'ValueAxis-1', - drawLinesBetweenPoints: true, - lineWidth: 2, - showCircles: true, - }, - ], - addTooltip: true, - addLegend: true, - legendPosition: 'right', - times: [], - addTimeMarker: false, - labels: { show: false }, - thresholdLine: { - show: false, - value: 10, - width: 1, - style: 'full', - color: 
'#E7664C', - }, - dimensions: { - x: { - accessor: 0, - format: { id: 'date', params: { pattern: 'YYYY-MM-DD HH:mm' } }, - params: { - date: true, - interval: 'PT3H', - intervalOpenSearchValue: 3, - intervalOpenSearchUnit: 'h', - format: 'YYYY-MM-DD HH:mm', - bounds: { - min: '2020-04-17T12:11:35.943Z', - max: '2020-04-24T12:11:35.944Z', - }, - }, - label: 'timestamp per 3 hours', - aggType: 'date_histogram', - }, - y: [ - { - accessor: 2, - format: { id: 'number' }, - params: {}, - label: 'Count', - aggType: 'count', - }, - ], - series: [ - { - accessor: 1, - format: { - id: 'string', - params: { - parsedUrl: { - origin: 'http://localhost:5601', - pathname: '/app/kibana', - basePath: '', - }, - }, - }, - params: {}, - label: 'Top 5 unusual terms in agent.name', - aggType: 'significant_terms', - }, - ], - }, - radiusRatio: 50, - }, - uiState: { - vis: { - defaultColors: { - '0 - 7': 'rgb(247,251,255)', - '7 - 13': 'rgb(219,233,246)', - '13 - 20': 'rgb(187,214,235)', - '20 - 26': 'rgb(137,190,220)', - '26 - 33': 'rgb(83,158,205)', - '33 - 39': 'rgb(42,123,186)', - '39 - 45': 'rgb(11,85,159)', - }, - legendOpen: true, - }, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [ - { - meta: { - index: 'wazuh-alerts', - negate: false, - disabled: false, - alias: null, - type: 'exists', - key: 'data.virustotal.positives', - value: 'exists', - }, - exists: { - field: 'data.virustotal.positives', - }, - $state: { - store: 'appState', - }, - }, - { - meta: { - index: 'wazuh-alerts', - negate: true, - disabled: false, - alias: null, - type: 'phrase', - key: 'data.virustotal.positives', - value: '0', - params: { - query: 0, - type: 'phrase', - }, - }, - query: { - match: { - 'data.virustotal.positives': { - query: 0, - type: 'phrase', - }, - }, - }, - $state: { - store: 'appState', - }, - }, - ], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: 
indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: {}, - }, - { - id: '3', - enabled: true, - type: 'terms', - schema: 'group', - params: { - field: 'agent.name', - orderBy: '1', - order: 'desc', - size: 5, - otherBucket: false, - otherBucketLabel: 'Other', - missingBucket: false, - missingBucketLabel: 'Missing', - }, - }, - { - id: '2', - enabled: true, - type: 'date_histogram', - schema: 'segment', - params: { - field: 'timestamp', - timeRange: { from: 'now-7d', to: 'now' }, - useNormalizedEsInterval: true, - scaleMetricValues: false, - interval: 'auto', - drop_partials: false, - min_doc_count: 1, - extended_bounds: {}, - }, - }, - ], - }, - }; -}; - -const getVisStateMaliciousFilesAlertsEvolution = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Overview-Virustotal-Malicious-Evolution', - title: 'Malicious files alerts evolution', - type: 'histogram', - params: { - type: 'histogram', - grid: { categoryLines: false, style: { color: '#eee' } }, - categoryAxes: [ - { - id: 'CategoryAxis-1', - type: 'category', - position: 'bottom', - show: true, - style: {}, - scale: { type: 'linear' }, - labels: { show: true, filter: true, truncate: 100 }, - title: {}, - }, - ], - valueAxes: [ - { - id: 'ValueAxis-1', - name: 'LeftAxis-1', - type: 'value', - position: 'left', - show: true, - style: {}, - scale: { type: 'linear', mode: 'normal' }, - labels: { show: true, rotate: 0, filter: false, truncate: 100 }, - title: { text: 'Malicious' }, - }, - ], - seriesParams: [ - { - show: 'true', - type: 'histogram', - mode: 'stacked', - data: { label: 'Malicious', id: '1' }, - valueAxis: 'ValueAxis-1', - drawLinesBetweenPoints: true, - showCircles: true, - }, - ], - addTooltip: true, - addLegend: false, - legendPosition: 'right', - times: [], - addTimeMarker: false, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [ - { - meta: { - index: 'wazuh-alerts', - negate: 
false, - disabled: false, - alias: null, - type: 'exists', - key: 'data.virustotal.malicious', - value: 'exists', - }, - exists: { - field: 'data.virustotal.malicious', - }, - $state: { - store: 'appState', - }, - }, - { - meta: { - index: 'wazuh-alerts', - negate: true, - disabled: false, - alias: null, - type: 'phrase', - key: 'data.virustotal.malicious', - value: '0', - params: { - query: 0, - type: 'phrase', - }, - }, - query: { - match: { - 'data.virustotal.malicious': { - query: 0, - type: 'phrase', - }, - }, - }, - $state: { - store: 'appState', - }, - }, - ], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: 'Malicious' }, - }, - { - id: '2', - enabled: true, - type: 'date_histogram', - schema: 'segment', - params: { - field: 'timestamp', - interval: 'auto', - customInterval: '2h', - min_doc_count: 1, - extended_bounds: {}, - }, - }, - ], - }, - }; -}; - -const getVisStateLastFiles = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Overview-Virustotal-Files-Table', - title: 'Last files', - type: 'table', - params: { - perPage: 10, - showPartialRows: false, - showMeticsAtAllLevels: false, - sort: { columnIndex: 2, direction: 'desc' }, - showTotal: false, - showToolbar: true, - totalFunc: 'sum', - }, - uiState: { - vis: { params: { sort: { columnIndex: 2, direction: 'desc' } } }, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: 'Count' }, - }, - { - id: '4', - enabled: true, - type: 'terms', - schema: 'bucket', - params: { - 
field: 'data.virustotal.source.file', - size: 10, - order: 'desc', - orderBy: '1', - customLabel: 'File', - }, - }, - { - id: '2', - enabled: true, - type: 'terms', - schema: 'bucket', - params: { - field: 'data.virustotal.permalink', - size: 1, - order: 'desc', - orderBy: '1', - customLabel: 'Link', - }, - }, - ], - }, - }; -}; - -/* Agent visualizations */ - -const getVisStateAgentLastScannedFiles = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Agents-Virustotal-Last-Files-Pie', - title: 'Last scanned files', - type: 'pie', - params: { - type: 'pie', - addTooltip: true, - addLegend: true, - legendPosition: 'right', - isDonut: true, - labels: { show: false, values: true, last_level: true, truncate: 100 }, - }, - uiState: { vis: { legendOpen: true } }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: 'Files' }, - }, - { - id: '2', - enabled: true, - type: 'terms', - schema: 'segment', - params: { - field: 'data.virustotal.source.file', - size: 5, - order: 'desc', - orderBy: '1', - }, - }, - ], - }, - }; -}; - -const getVisStateAgentMaliciousFilesAlertsEvolution = ( - indexPatternId: string, -) => { - return { - id: 'Wazuh-App-Agents-Virustotal-Malicious-Evolution', - title: 'Malicious files alerts Evolution', - type: 'histogram', - params: { - type: 'histogram', - grid: { categoryLines: false, style: { color: '#eee' } }, - categoryAxes: [ - { - id: 'CategoryAxis-1', - type: 'category', - position: 'bottom', - show: true, - style: {}, - scale: { type: 'linear' }, - labels: { show: true, filter: true, truncate: 100 }, - title: {}, - }, - ], - valueAxes: [ - { - id: 'ValueAxis-1', - name: 'LeftAxis-1', - type: 'value', - position: 'left', - show: true, 
- style: {}, - scale: { type: 'linear', mode: 'normal' }, - labels: { show: true, rotate: 0, filter: false, truncate: 100 }, - title: { text: 'Malicious' }, - }, - ], - seriesParams: [ - { - show: 'true', - type: 'histogram', - mode: 'stacked', - data: { label: 'Malicious', id: '1' }, - valueAxis: 'ValueAxis-1', - drawLinesBetweenPoints: true, - showCircles: true, - }, - ], - addTooltip: true, - addLegend: false, - legendPosition: 'right', - times: [], - addTimeMarker: false, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [ - { - meta: { - index: 'wazuh-alerts', - negate: false, - disabled: false, - alias: null, - type: 'exists', - key: 'data.virustotal.positives', - value: 'exists', - }, - exists: { - field: 'data.virustotal.positives', - }, - $state: { - store: 'appState', - }, - }, - { - meta: { - index: 'wazuh-alerts', - negate: true, - disabled: false, - alias: null, - type: 'phrase', - key: 'data.virustotal.positives', - value: '0', - params: { - query: 0, - type: 'phrase', - }, - }, - query: { - match: { - 'data.virustotal.positives': { - query: 0, - type: 'phrase', - }, - }, - }, - $state: { - store: 'appState', - }, - }, - ], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: 'Malicious' }, - }, - { - id: '2', - enabled: true, - type: 'date_histogram', - schema: 'segment', - params: { - field: 'timestamp', - interval: 'auto', - customInterval: '2h', - min_doc_count: 1, - extended_bounds: {}, - }, - }, - ], - }, - }; -}; - -const getVisStateAgentLastFiles = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Agents-Virustotal-Files-Table', - title: 'Last files', - type: 'table', - params: { - perPage: 10, - showPartialRows: false, - showMeticsAtAllLevels: false, - sort: { columnIndex: 2, 
direction: 'desc' }, - showTotal: false, - showToolbar: true, - totalFunc: 'sum', - }, - uiState: { - vis: { params: { sort: { columnIndex: 2, direction: 'desc' } } }, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: 'Count' }, - }, - { - id: '4', - enabled: true, - type: 'terms', - schema: 'bucket', - params: { - field: 'data.virustotal.source.file', - size: 10, - order: 'desc', - orderBy: '1', - customLabel: 'File', - }, - }, - { - id: '2', - enabled: true, - type: 'terms', - schema: 'bucket', - params: { - field: 'data.virustotal.permalink', - size: 1, - order: 'desc', - orderBy: '1', - missingBucket: true, - missingBucketLabel: '-', - customLabel: 'Link', - }, - }, - ], - }, - }; -}; - -/* Definitiion of panels */ - -export const getDashboardPanels = ( - indexPatternId: string, - pinnedAgent?: boolean, -): { - [panelId: string]: DashboardPanelState< - EmbeddableInput & { [k: string]: unknown } - >; -} => { - const pinnedAgentPanels = { - '6': { - gridData: { - w: 12, - h: 9, - x: 0, - y: 0, - i: '6', - }, - type: 'visualization', - explicitInput: { - id: '6', - savedVis: getVisStateAgentLastScannedFiles(indexPatternId), - }, - }, - '7': { - gridData: { - w: 36, - h: 9, - x: 12, - y: 0, - i: '7', - }, - type: 'visualization', - explicitInput: { - id: '7', - savedVis: getVisStateAgentMaliciousFilesAlertsEvolution(indexPatternId), - }, - }, - '8': { - gridData: { - w: 48, - h: 20, - x: 0, - y: 9, - i: '8', - }, - type: 'visualization', - explicitInput: { - id: '8', - savedVis: getVisStateAgentLastFiles(indexPatternId), - }, - }, - }; - - const panels = { - '1': { - gridData: { - w: 24, - h: 13, - x: 0, - y: 0, - i: '1', - }, - type: 'visualization', - 
explicitInput: { - id: '1', - savedVis: getVisStateTop5UniqueMaliciousFilesPerAgent(indexPatternId), - }, - }, - '2': { - gridData: { - w: 24, - h: 13, - x: 28, - y: 0, - i: '2', - }, - type: 'visualization', - explicitInput: { - id: '2', - savedVis: getVisStateLastScannedFiles(indexPatternId), - }, - }, - '3': { - gridData: { - w: 48, - h: 20, - x: 0, - y: 13, - i: '3', - }, - type: 'visualization', - explicitInput: { - id: '3', - savedVis: getVisStateAlertsEvolutionByAgents(indexPatternId), - }, - }, - '4': { - gridData: { - w: 48, - h: 9, - x: 0, - y: 23, - i: '4', - }, - type: 'visualization', - explicitInput: { - id: '4', - savedVis: getVisStateMaliciousFilesAlertsEvolution(indexPatternId), - }, - }, - '5': { - gridData: { - w: 48, - h: 20, - x: 0, - y: 32, - i: '5', - }, - type: 'visualization', - explicitInput: { - id: '5', - savedVis: getVisStateLastFiles(indexPatternId), - }, - }, - }; - - return pinnedAgent ? pinnedAgentPanels : panels; -}; diff --git a/plugins/main/public/components/overview/virustotal/dashboard/dashboard_panels_kpis.ts b/plugins/main/public/components/overview/virustotal/dashboard/dashboard_panels_kpis.ts deleted file mode 100644 index 3a738bcc66..0000000000 --- a/plugins/main/public/components/overview/virustotal/dashboard/dashboard_panels_kpis.ts +++ /dev/null 
@@ -1,304 +0,0 @@ -import { DashboardPanelState } from '../../../../../../../../src/plugins/dashboard/public/application'; -import { EmbeddableInput } from '../../../../../../../../src/plugins/embeddable/public'; - -const getVisStateTotalMalicious = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Overview-Virustotal-Total-Malicious', - title: 'Total Malicious', - type: 'metric', - params: { - addTooltip: true, - addLegend: false, - type: 'metric', - metric: { - percentageMode: false, - useRanges: false, - colorSchema: 'Reds', - metricColorMode: 'Labels', - colorsRange: [ - { - from: 0, - to: 0, - }, - { - from: 0, - to: 0, - }, - ], - labels: { - show: true, - }, - invertColors: false, - style: { - bgFill: '#000', - bgColor: false, - labelColor: false, - subText: '', - fontSize: 40, - }, - }, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: ' ' }, - }, - { - id: '2', - enabled: true, - type: 'filters', - params: { - filters: [ - { - input: { - query: 'data.virustotal.malicious: 1', - language: 'kuery', - }, - label: '- Total malicious', - }, - ], - }, - schema: 'group', - }, - ], - }, - }; -}; - -const getVisStateTotalPositives = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Overview-Virustotal-Total-Positives', - title: 'Total Positives', - type: 'metric', - params: { - addTooltip: true, - addLegend: false, - type: 'metric', - metric: { - percentageMode: false, - useRanges: false, - colorSchema: 'Greens', - metricColorMode: 'Labels', - colorsRange: [ - { - from: 0, - to: 0, - }, - { - from: 0, - to: 0, - }, - ], - labels: { - show: true, - }, - invertColors: false, - style: { - bgFill: '#000', - bgColor: false, - labelColor: false, - 
subText: '', - fontSize: 40, - }, - }, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: ' ' }, - }, - { - id: '2', - enabled: true, - type: 'filters', - params: { - filters: [ - { - input: { - query: 'data.virustotal.positives: *', - language: 'kuery', - }, - label: '- Total Positives', - }, - ], - }, - schema: 'group', - }, - ], - }, - }; -}; - -const getVisStateTotal = (indexPatternId: string) => { - return { - id: 'Wazuh-App-Overview-Virustotal-Total', - title: 'Total', - type: 'metric', - params: { - addTooltip: true, - addLegend: false, - type: 'metric', - metric: { - percentageMode: false, - useRanges: false, - colorSchema: 'Greens', - metricColorMode: 'Labels', - colorsRange: [ - { - from: 0, - to: 0, - }, - { - from: 0, - to: 0, - }, - ], - labels: { - show: true, - }, - invertColors: false, - style: { - bgFill: '#000', - bgColor: false, - labelColor: false, - subText: '', - fontSize: 40, - }, - }, - }, - data: { - searchSource: { - query: { - language: 'kuery', - query: '', - }, - filter: [], - index: indexPatternId, - }, - references: [ - { - name: 'kibanaSavedObjectMeta.searchSourceJSON.index', - type: 'index-pattern', - id: indexPatternId, - }, - ], - aggs: [ - { - id: '1', - enabled: true, - type: 'count', - schema: 'metric', - params: { customLabel: ' ' }, - }, - { - id: '2', - enabled: true, - type: 'filters', - params: { - filters: [ - { - input: { - query: 'data.virustotal:*', - language: 'kuery', - }, - label: '- Total', - }, - ], - }, - schema: 'group', - }, - ], - }, - }; -}; - -export const getKPIsPanel = ( - indexPatternId: string, -): { - [panelId: string]: DashboardPanelState< - EmbeddableInput & { [k: string]: unknown } - >; -} => 
{ - return { - '1': { - gridData: { - w: 12, - h: 6, - x: 6, - y: 0, - i: '1', - }, - type: 'visualization', - explicitInput: { - id: '1', - savedVis: getVisStateTotalMalicious(indexPatternId), - }, - }, - '2': { - gridData: { - w: 12, - h: 6, - x: 18, - y: 0, - i: '2', - }, - type: 'visualization', - explicitInput: { - id: '2', - savedVis: getVisStateTotalPositives(indexPatternId), - }, - }, - '3': { - gridData: { - w: 12, - h: 6, - x: 30, - y: 0, - i: '3', - }, - type: 'visualization', - explicitInput: { - id: '3', - savedVis: getVisStateTotal(indexPatternId), - }, - }, - }; -}; diff --git a/plugins/main/public/components/overview/virustotal/dashboard/index.tsx b/plugins/main/public/components/overview/virustotal/dashboard/index.tsx deleted file mode 100644 index b58b6c9229..0000000000 --- a/plugins/main/public/components/overview/virustotal/dashboard/index.tsx +++ /dev/null @@ -1 +0,0 @@ -export * from './dashboard'; diff --git a/plugins/main/public/components/overview/virustotal/dashboard/virustotal_dashboard.scss b/plugins/main/public/components/overview/virustotal/dashboard/virustotal_dashboard.scss deleted file mode 100644 index 6e8f3eab43..0000000000 --- a/plugins/main/public/components/overview/virustotal/dashboard/virustotal_dashboard.scss +++ /dev/null @@ -1,10 +0,0 @@ -.virustotal-dashboard-responsive { - @media (max-width: 767px) { - .react-grid-layout { - height: auto !important; - } - .dshLayout-isMaximizedPanel { - height: calc(100vh - 44px) !important; - } - } -} diff --git a/plugins/main/public/components/overview/virustotal/events/virustotal-columns.tsx b/plugins/main/public/components/overview/virustotal/events/virustotal-columns.tsx deleted file mode 100644 index 790561a9e4..0000000000 --- a/plugins/main/public/components/overview/virustotal/events/virustotal-columns.tsx +++ /dev/null 
@@ -1,40 +0,0 @@ -import { tDataGridColumn } from '../../../common/data-grid'; -import React from 'react'; -import { EuiLink } from '@elastic/eui'; - -export const virustotalColumns: tDataGridColumn[] = [ - { - id: 'timestamp', - isSortable: true, - defaultSortDirection: 'desc', - }, - { - id: 'agent.name', - }, - { - id: 'data.virustotal.source.file', - }, - { - id: 'data.virustotal.permalink', - render: value => { - if (!value) { - return '-'; - } else { - return ( - - {value} - - ); - } - }, - }, - { - id: 'data.virustotal.malicious', - }, - { - id: 'data.virustotal.positives', - }, - { - id: 'data.virustotal.total', - }, -]; diff --git a/plugins/main/public/controllers/management/components/management/configuration/configuration-settings.js b/plugins/main/public/controllers/management/components/management/configuration/configuration-settings.js index bce314f057..32eec21d70 100644 --- a/plugins/main/public/controllers/management/components/management/configuration/configuration-settings.js +++ b/plugins/main/public/controllers/management/components/management/configuration/configuration-settings.js @@ -80,13 +80,6 @@ export default [ goto: 'alerts', when: 'manager', }, - { - name: 'Integrations', - description: - 'Slack, VirusTotal and PagerDuty integrations with external APIs', - goto: 'integrations', - when: 'manager', - }, ], }, { diff --git a/plugins/main/public/controllers/management/components/management/configuration/integrations/integrations.js b/plugins/main/public/controllers/management/components/management/configuration/integrations/integrations.js index 4ab516beef..1ed24981c3 100644 --- a/plugins/main/public/controllers/management/components/management/configuration/integrations/integrations.js +++ b/plugins/main/public/controllers/management/components/management/configuration/integrations/integrations.js 
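Review bot: The entry removed from configuration-settings.js is the whole `Integrations` item (`goto: 'integrations'`, `when: 'manager'`), whose description also covers Slack and PagerDuty, not only VirusTotal. The same commit keeps integrations.js with its Slack and PagerDuty defaults, so that view presumably loses its entry in the configuration menu, and with it the place where the manager's outbound alert integrations are listed. If only VirusTotal is meant to go, keep the item and change the description to `'Slack and PagerDuty integrations with external APIs'`. The enclosing array starts and ends outside the hunk, so whether another entry still leads to that view is not visible here.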
@@ -22,12 +22,6 @@ const helpLinks = [ text: 'Integration with external APIs', href: webDocumentationLink('user-manual/manager/manual-integration.html'), }, - { - text: 'VirusTotal integration', - href: webDocumentationLink( - 'user-manual/capabilities/malware-detection/virus-total-integration.html', - ), - }, { text: 'Integration reference', href: webDocumentationLink( @@ -38,10 +32,6 @@ const helpLinks = [ const defaultIntegrations = [ { title: 'Slack', description: 'Get alerts directly on Slack' }, - { - title: 'VirusTotal', - description: 'Get notified when malicious software is found', - }, { title: 'PagerDuty', description: 'Get alerts on this streamlined incident resolution software', diff --git a/plugins/main/public/utils/applications.ts b/plugins/main/public/utils/applications.ts index 3f93a3ec22..76ecbc060c 100644 --- a/plugins/main/public/utils/applications.ts +++ b/plugins/main/public/utils/applications.ts @@ -232,32 +232,6 @@ export const mitreAttack = { }`, }; -// The Virustotal feature and dashboards are no longer in use, as they have been replaced by the Malware Dashboard. -export const virustotal = { - category: 'wz-category-threat-intelligence', - id: 'virustotal', - title: i18n.translate('wz-app-virustotal-title', { - defaultMessage: 'VirusTotal', - }), - breadcrumbLabel: i18n.translate('wz-app-virustotal-breadcrumbLabel', { - defaultMessage: 'VirusTotal', - }), - description: i18n.translate('wz-app-virustotal-description', { - defaultMessage: - 'Alerts resulting from VirusTotal analysis of suspicious files via an integration with their API.', - }), - euiIconType: 'monitoringApp', - order: 303, - showInOverviewApp: true, - showInAgentMenu: true, - redirectTo: () => - `/overview/?tab=virustotal&tabView=dashboard${ - store.getState()?.appStateReducers?.currentAgentData?.id - ? `&agentId=${store.getState()?.appStateReducers?.currentAgentData?.id}` - : '' - }`, -}; - const pciDss = { category: 'wz-category-security-operations', id: 'pci-dss', 
diff --git a/plugins/main/server/lib/reporting/summary-tables-definitions/agents/index.ts b/plugins/main/server/lib/reporting/summary-tables-definitions/agents/index.ts index 46dee71df3..67ca045213 100644 --- a/plugins/main/server/lib/reporting/summary-tables-definitions/agents/index.ts +++ b/plugins/main/server/lib/reporting/summary-tables-definitions/agents/index.ts @@ -41,15 +41,6 @@ const gcpAlertsSummary = { ] } -const virustotalAlertsSummary = { - title: 'Alerts summary', - aggs: [ - AggregationFields['rule.id'], - AggregationFields['rule.description'], - AggregationFields['rule.level'], - ] -} - const osqueryAlertsSummary = { title: 'Alerts summary', aggs: [ @@ -181,7 +172,6 @@ export default { nist: [nistLastAlerts], gcp: [gcpAlertsSummary], tsc: [tscAlertsSummary], - virustotal: [virustotalAlertsSummary], osquery: [osqueryAlertsSummary], mitre: [mitreAlertsSummary], ciscat: [ciscatAlertsSummary], @@ -191,4 +181,4 @@ export default { gdpr: [gdprLastAlerts], pci: [pciLastAlerts], docker: [dockerAlertsSummary], -} +}; diff --git a/plugins/main/server/routes/wazuh-reporting.ts b/plugins/main/server/routes/wazuh-reporting.ts index 7f78a27458..14ec56d54a 100644 --- a/plugins/main/server/routes/wazuh-reporting.ts +++ b/plugins/main/server/routes/wazuh-reporting.ts @@ -43,7 +43,6 @@ export function WazuhReportingRoutes(router: IRouter) { schema.literal('ciscat'), schema.literal('vuls'), schema.literal('mitre'), - schema.literal('virustotal'), schema.literal('docker'), schema.literal('osquery'), schema.literal('oscap'), diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/basic/modules-directory.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/basic/modules-directory.page.js index cfd9ee32a9..1da81f4494 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/basic/modules-directory.page.js +++ b/plugins/main/test/cypress/cypress/integration/pageobjects/basic/modules-directory.page.js 
@@ -3,7 +3,6 @@ export const MODULES_DIRECTORY_PAGE = {
 gCPCard: '[data-test-subj="overviewWelcomeGcp"]',
 openSCAPCard: '[data-test-subj="overviewWelcomeOscap"]',
 cisCatCard: '[data-test-subj="overviewWelcomeCiscat"]',
- virusTotalCard: '[data-test-subj="overviewWelcomeVirustotal"]',
 osqueryCard: '[data-test-subj="overviewWelcomeOsquery"]',
 dockerListenerCard: '[data-test-subj="overviewWelcomeDocker"]',
 gDPRCard: '[data-test-subj="overviewWelcomeGdpr"]',
diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/basic/settings/modules.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/basic/settings/modules.page.js
index 2628f3faaa..4317934e06 100644
--- a/plugins/main/test/cypress/cypress/integration/pageobjects/basic/settings/modules.page.js
+++ b/plugins/main/test/cypress/cypress/integration/pageobjects/basic/settings/modules.page.js
@@ -1,13 +1,22 @@ export const MODULES_PAGE = { - amazonAWSToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gCPToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gitHubCardToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(6) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - openSCAPToggleButton: ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - cisCatToggleButton: ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - virusTotalToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - osqueryToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - dockerListenerToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gDPRToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - hIPAAToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - tSCToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + amazonAWSToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > 
:nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gCPToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gitHubCardToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(6) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + openSCAPToggleButton: + ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + cisCatToggleButton: + ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + osqueryToggleButton: + ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + dockerListenerToggleButton: + ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gDPRToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + hIPAAToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + tSCToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', }; diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/basic/wazuh-menu/wazuh-menu.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/basic/wazuh-menu/wazuh-menu.page.js index 1f8d860b2c..e4f469f63d 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/basic/wazuh-menu/wazuh-menu.page.js 
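Review bot: The selectors kept in MODULES_PAGE are positional, and this hunk drops `virusTotalToggleButton` (third panel, `:nth-child(3)`) while leaving `osqueryToggleButton` and `dockerListenerToggleButton` at `:nth-child(4)` and `:nth-child(5)` of that same panel. If the VirusTotal card is no longer rendered, those two indexes likely point one card too far, so the tests may toggle the wrong module or match nothing; this depends on the rendered DOM, which is not visible here. Re-check the indexes, or select the switches by a stable `data-test-subj` attribute as the modules-directory page objects do. The same applies to the identical odfe, wzd and xpack copies of this file.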
+++ b/plugins/main/test/cypress/cypress/integration/pageobjects/basic/wazuh-menu/wazuh-menu.page.js @@ -28,7 +28,6 @@ export const WAZUH_MENU_PAGE = { cisCatLink: '[data-test-subj=menuModulesCiscatLink]', securityConfigurationAssessmentLink: '[data-test-subj=menuModulesScaLink]', vulnerabilitiesLink: '[data-test-subj=menuModulesVulsLink]', - virusTotalLink: '[data-test-subj=menuModulesVirustotalLink]', osqueryLink: '[data-test-subj=menuModulesOsqueryLink]', dockerListenerLink: '[data-test-subj=menuModulesDockerLink]', mitreAttackLink: '[data-test-subj=menuModulesMitreLink]', diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/modules-directory.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/modules-directory.page.js index 49a40d905a..1b96cf42d7 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/modules-directory.page.js +++ b/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/modules-directory.page.js @@ -3,7 +3,6 @@ export const MODULES_DIRECTORY_PAGE = { gCPCard: '[data-test-subj="overviewWelcomeGcp"]', openSCAPCard: '[data-test-subj="overviewWelcomeOscap"]', cisCatCard: '[data-test-subj="overviewWelcomeCiscat"]', - virusTotalCard: '[data-test-subj="overviewWelcomeVirustotal"]', osqueryCard: '[data-test-subj="overviewWelcomeOsquery"]', dockerListenerCard: '[data-test-subj="overviewWelcomeDocker"]', gDPRCard: '[data-test-subj="overviewWelcomeGdpr"]', diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/settings/modules.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/settings/modules.page.js index 2628f3faaa..4317934e06 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/settings/modules.page.js +++ b/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/settings/modules.page.js 
@@ -1,13 +1,22 @@ export const MODULES_PAGE = { - amazonAWSToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gCPToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gitHubCardToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(6) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - openSCAPToggleButton: ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - cisCatToggleButton: ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - virusTotalToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - osqueryToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - dockerListenerToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gDPRToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - hIPAAToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - tSCToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + amazonAWSToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > 
:nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gCPToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gitHubCardToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(6) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + openSCAPToggleButton: + ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + cisCatToggleButton: + ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + osqueryToggleButton: + ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + dockerListenerToggleButton: + ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gDPRToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + hIPAAToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + tSCToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', }; diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/wazuh-menu/wazuh-menu.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/wazuh-menu/wazuh-menu.page.js index 1f8d860b2c..e4f469f63d 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/wazuh-menu/wazuh-menu.page.js 
+++ b/plugins/main/test/cypress/cypress/integration/pageobjects/odfe/wazuh-menu/wazuh-menu.page.js @@ -28,7 +28,6 @@ export const WAZUH_MENU_PAGE = { cisCatLink: '[data-test-subj=menuModulesCiscatLink]', securityConfigurationAssessmentLink: '[data-test-subj=menuModulesScaLink]', vulnerabilitiesLink: '[data-test-subj=menuModulesVulsLink]', - virusTotalLink: '[data-test-subj=menuModulesVirustotalLink]', osqueryLink: '[data-test-subj=menuModulesOsqueryLink]', dockerListenerLink: '[data-test-subj=menuModulesDockerLink]', mitreAttackLink: '[data-test-subj=menuModulesMitreLink]', diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/modules-directory.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/modules-directory.page.js index 49a40d905a..1b96cf42d7 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/modules-directory.page.js +++ b/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/modules-directory.page.js @@ -3,7 +3,6 @@ export const MODULES_DIRECTORY_PAGE = { gCPCard: '[data-test-subj="overviewWelcomeGcp"]', openSCAPCard: '[data-test-subj="overviewWelcomeOscap"]', cisCatCard: '[data-test-subj="overviewWelcomeCiscat"]', - virusTotalCard: '[data-test-subj="overviewWelcomeVirustotal"]', osqueryCard: '[data-test-subj="overviewWelcomeOsquery"]', dockerListenerCard: '[data-test-subj="overviewWelcomeDocker"]', gDPRCard: '[data-test-subj="overviewWelcomeGdpr"]', diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/settings/modules.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/settings/modules.page.js index 2628f3faaa..4317934e06 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/settings/modules.page.js +++ b/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/settings/modules.page.js 
@@ -1,13 +1,22 @@ export const MODULES_PAGE = { - amazonAWSToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gCPToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gitHubCardToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(6) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - openSCAPToggleButton: ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - cisCatToggleButton: ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - virusTotalToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - osqueryToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - dockerListenerToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gDPRToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - hIPAAToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - tSCToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + amazonAWSToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > 
:nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gCPToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gitHubCardToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(6) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + openSCAPToggleButton: + ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + cisCatToggleButton: + ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + osqueryToggleButton: + ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + dockerListenerToggleButton: + ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gDPRToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + hIPAAToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + tSCToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', }; diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/wazuh-menu/wazuh-menu.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/wazuh-menu/wazuh-menu.page.js index 1f8d860b2c..e4f469f63d 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/wazuh-menu/wazuh-menu.page.js 
+++ b/plugins/main/test/cypress/cypress/integration/pageobjects/wzd/wazuh-menu/wazuh-menu.page.js @@ -28,7 +28,6 @@ export const WAZUH_MENU_PAGE = { cisCatLink: '[data-test-subj=menuModulesCiscatLink]', securityConfigurationAssessmentLink: '[data-test-subj=menuModulesScaLink]', vulnerabilitiesLink: '[data-test-subj=menuModulesVulsLink]', - virusTotalLink: '[data-test-subj=menuModulesVirustotalLink]', osqueryLink: '[data-test-subj=menuModulesOsqueryLink]', dockerListenerLink: '[data-test-subj=menuModulesDockerLink]', mitreAttackLink: '[data-test-subj=menuModulesMitreLink]', diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/modules-directory.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/modules-directory.page.js index cfd9ee32a9..1da81f4494 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/modules-directory.page.js +++ b/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/modules-directory.page.js @@ -3,7 +3,6 @@ export const MODULES_DIRECTORY_PAGE = { gCPCard: '[data-test-subj="overviewWelcomeGcp"]', openSCAPCard: '[data-test-subj="overviewWelcomeOscap"]', cisCatCard: '[data-test-subj="overviewWelcomeCiscat"]', - virusTotalCard: '[data-test-subj="overviewWelcomeVirustotal"]', osqueryCard: '[data-test-subj="overviewWelcomeOsquery"]', dockerListenerCard: '[data-test-subj="overviewWelcomeDocker"]', gDPRCard: '[data-test-subj="overviewWelcomeGdpr"]', diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/settings/modules.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/settings/modules.page.js index 2628f3faaa..4317934e06 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/settings/modules.page.js +++ b/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/settings/modules.page.js 
@@ -1,13 +1,22 @@ export const MODULES_PAGE = { - amazonAWSToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gCPToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gitHubCardToggleButton: ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(6) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - openSCAPToggleButton: ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - cisCatToggleButton: ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - virusTotalToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - osqueryToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - dockerListenerToggleButton: ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - gDPRToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - hIPAAToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', - tSCToggleButton: ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + amazonAWSToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > 
:nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gCPToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gitHubCardToggleButton: + ':nth-child(1) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(6) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + openSCAPToggleButton: + ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + cisCatToggleButton: + ':nth-child(2) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + osqueryToggleButton: + ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + dockerListenerToggleButton: + ':nth-child(3) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + gDPRToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(3) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + hIPAAToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(4) > .euiFlexItem--flexGrowZero > .euiSwitch > button', + tSCToggleButton: + ':nth-child(4) > .euiPanel > :nth-child(3) > :nth-child(1) > :nth-child(1) > :nth-child(5) > .euiFlexItem--flexGrowZero > .euiSwitch > button', }; diff --git a/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/wazuh-menu/wazuh-menu.page.js b/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/wazuh-menu/wazuh-menu.page.js index 7119d9ff65..7bffaeba01 100644 --- a/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/wazuh-menu/wazuh-menu.page.js 
+++ b/plugins/main/test/cypress/cypress/integration/pageobjects/xpack/wazuh-menu/wazuh-menu.page.js @@ -28,7 +28,6 @@ export const WAZUH_MENU_PAGE = { cisCatLink: '[data-test-subj=menuModulesCiscatLink]', securityConfigurationAssessmentLink: '[data-test-subj=menuModulesScaLink]', vulnerabilitiesLink: '[data-test-subj=menuModulesVulsLink]', - virusTotalLink: '[data-test-subj=menuModulesVirustotalLink]', osqueryLink: '[data-test-subj=menuModulesOsqueryLink]', dockerListenerLink: '[data-test-subj=menuModulesDockerLink]', mitreAttackLink: '[data-test-subj=menuModulesMitreLink]', @@ -70,7 +69,8 @@ export const WAZUH_MENU_PAGE = { //endregion //region Settings settingsApiConfigurationLink: '[data-test-subj=menuSettingsApiLink]', - settingsModulesLink: '.wz-menu-right-side .WzManagementSideMenu [data-test-subj=menuSettingsModulesLink]', + settingsModulesLink: + '.wz-menu-right-side .WzManagementSideMenu [data-test-subj=menuSettingsModulesLink]', settingsSampleDataLink: '[data-test-subj=menuSettingsSampleDataLink]', settingsConfigurationLink: '[data-test-subj=menuSettingsConfigurationLink]', settingsLogsLink: '[data-test-subj=menuSettingsLogsLink]', diff --git a/plugins/main/test/cypress/cypress/integration/utils/mappers/basic/modules-mapper.js b/plugins/main/test/cypress/cypress/integration/utils/mappers/basic/modules-mapper.js index bb21a9d4e5..d1cbc1d954 100644 --- a/plugins/main/test/cypress/cypress/integration/utils/mappers/basic/modules-mapper.js +++ b/plugins/main/test/cypress/cypress/integration/utils/mappers/basic/modules-mapper.js @@ -11,7 +11,6 @@ export const MODULES_CARDS = { GitHub: MODULES_PAGE['gitHubCardToggleButton'], OpenSCAP: MODULES_PAGE['openSCAPToggleButton'], 'CIS-CAT': MODULES_PAGE['cisCatToggleButton'], - VirusTotal: MODULES_PAGE['virusTotalToggleButton'], Osquery: MODULES_PAGE['osqueryToggleButton'], 'Docker listener': MODULES_PAGE['dockerListenerToggleButton'], GDPR: MODULES_PAGE['gDPRToggleButton'], 
@@ -25,7 +24,6 @@ export const MODULES_SETTINGS = {
 GitHub: MODULES_DIRECTORY_PAGE['gitHubCard'],
 OpenSCAP: MODULES_DIRECTORY_PAGE['openSCAPCard'],
 'CIS-CAT': MODULES_DIRECTORY_PAGE['cisCatCard'],
- VirusTotal: MODULES_DIRECTORY_PAGE['virusTotalCard'],
 Osquery: MODULES_DIRECTORY_PAGE['osqueryCard'],
 'Docker listener': MODULES_DIRECTORY_PAGE['dockerListenerCard'],
 GDPR: MODULES_DIRECTORY_PAGE['gDPRCard'],
diff --git a/plugins/main/test/cypress/cypress/integration/utils/mappers/odfe/modules-mapper.js b/plugins/main/test/cypress/cypress/integration/utils/mappers/odfe/modules-mapper.js
index 0f13240bee..3cb3fa3a54 100644
--- a/plugins/main/test/cypress/cypress/integration/utils/mappers/odfe/modules-mapper.js
+++ b/plugins/main/test/cypress/cypress/integration/utils/mappers/odfe/modules-mapper.js
@@ -11,7 +11,6 @@ export const MODULES_CARDS = {
 GitHub: MODULES_PAGE['gitHubCardToggleButton'],
 OpenSCAP: MODULES_PAGE['openSCAPToggleButton'],
 'CIS-CAT': MODULES_PAGE['cisCatToggleButton'],
- VirusTotal: MODULES_PAGE['virusTotalToggleButton'],
 Osquery: MODULES_PAGE['osqueryToggleButton'],
 'Docker listener': MODULES_PAGE['dockerListenerToggleButton'],
 GDPR: MODULES_PAGE['gDPRToggleButton'],
@@ -25,7 +24,6 @@ export const MODULES_SETTINGS = {
 GitHub: MODULES_DIRECTORY_PAGE['gitHubCard'],
 OpenSCAP: MODULES_DIRECTORY_PAGE['openSCAPCard'],
 'CIS-CAT': MODULES_DIRECTORY_PAGE['cisCatCard'],
- VirusTotal: MODULES_DIRECTORY_PAGE['virusTotalCard'],
 Osquery: MODULES_DIRECTORY_PAGE['osqueryCard'],
 'Docker listener': MODULES_DIRECTORY_PAGE['dockerListenerCard'],
 GDPR: MODULES_DIRECTORY_PAGE['gDPRCard'],
diff --git a/plugins/main/test/cypress/cypress/integration/utils/mappers/wzd/modules-mapper.js b/plugins/main/test/cypress/cypress/integration/utils/mappers/wzd/modules-mapper.js
index 22a70ed995..6de19b694d 100644
--- a/plugins/main/test/cypress/cypress/integration/utils/mappers/wzd/modules-mapper.js
+++ b/plugins/main/test/cypress/cypress/integration/utils/mappers/wzd/modules-mapper.js
@@ -11,7 +11,6 @@ export const MODULES_CARDS = {
 GitHub: MODULES_PAGE['gitHubCardToggleButton'],
 OpenSCAP: MODULES_PAGE['openSCAPToggleButton'],
 'CIS-CAT': MODULES_PAGE['cisCatToggleButton'],
- VirusTotal: MODULES_PAGE['virusTotalToggleButton'],
 Osquery: MODULES_PAGE['osqueryToggleButton'],
 'Docker listener': MODULES_PAGE['dockerListenerToggleButton'],
 GDPR: MODULES_PAGE['gDPRToggleButton'],
@@ -25,7 +24,6 @@ export const MODULES_SETTINGS = {
 GitHub: MODULES_DIRECTORY_PAGE['gitHubCard'],
 OpenSCAP: MODULES_DIRECTORY_PAGE['openSCAPCard'],
 'CIS-CAT': MODULES_DIRECTORY_PAGE['cisCatCard'],
- VirusTotal: MODULES_DIRECTORY_PAGE['virusTotalCard'],
 Osquery: MODULES_DIRECTORY_PAGE['osqueryCard'],
 'Docker listener': MODULES_DIRECTORY_PAGE['dockerListenerCard'],
 GDPR: MODULES_DIRECTORY_PAGE['gDPRCard'],
diff --git a/plugins/main/test/cypress/cypress/integration/utils/mappers/xpack/modules-mapper.js b/plugins/main/test/cypress/cypress/integration/utils/mappers/xpack/modules-mapper.js
index 3fe4616936..eef8fed129 100644
--- a/plugins/main/test/cypress/cypress/integration/utils/mappers/xpack/modules-mapper.js
+++ b/plugins/main/test/cypress/cypress/integration/utils/mappers/xpack/modules-mapper.js
@@ -11,7 +11,6 @@ export const MODULES_CARDS = {
 GitHub: MODULES_PAGE['gitHubCardToggleButton'],
 OpenSCAP: MODULES_PAGE['openSCAPToggleButton'],
 'CIS-CAT': MODULES_PAGE['cisCatToggleButton'],
- VirusTotal: MODULES_PAGE['virusTotalToggleButton'],
 Osquery: MODULES_PAGE['osqueryToggleButton'],
 'Docker listener': MODULES_PAGE['dockerListenerToggleButton'],
 GDPR: MODULES_PAGE['gDPRToggleButton'],
@@ -25,7 +24,6 @@ export const MODULES_SETTINGS = { GitHub: MODULES_DIRECTORY_PAGE['gitHubCard'], OpenSCAP: MODULES_DIRECTORY_PAGE['openSCAPCard'], 'CIS-CAT': MODULES_DIRECTORY_PAGE['cisCatCard'], - VirusTotal: MODULES_DIRECTORY_PAGE['virusTotalCard'], Osquery: MODULES_DIRECTORY_PAGE['osqueryCard'], 'Docker listener': MODULES_DIRECTORY_PAGE['dockerListenerCard'], GDPR: MODULES_DIRECTORY_PAGE['gDPRCard'], diff --git a/scripts/wazuh-alerts-generator/cli.js b/scripts/wazuh-alerts-generator/cli.js index 960cb418df..15f426b590 100644 --- a/scripts/wazuh-alerts-generator/cli.js +++ b/scripts/wazuh-alerts-generator/cli.js @@ -108,13 +108,7 @@ 'windows', ], 'auditing-policy-monitoring': ['audit', 'ciscat', 'openscap', 'rootcheck'], - 'thread-detection': [ - 'docker', - 'mitre', - 'osquery', - 'virustotal', - 'vulnerabilities', - ], + 'thread-detection': ['docker', 'mitre', 'osquery', 'vulnerabilities'], }; function displayHelp() {
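Review bot: The rewritten line in cli.js keeps the key `'thread-detection'`, which looks like a misspelling of threat detection (the README section is titled "Threat Detection and Response"). Since the line is being touched anyway, consider `'threat-detection': ['docker', 'mitre', 'osquery', 'vulnerabilities'],`. If the key is accepted as a command-line value, keep the old spelling as an alias so existing invocations of the alerts generator keep working. The object this entry belongs to starts outside the hunk, so how the key is consumed is not visible here.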