Module: Wazuh::Api::Endpoints::Agents

Included in:
Wazuh::Api::Endpoints, V4::Agents
Defined in:
lib/wazuh/api/endpoints/agents.rb

Instance Method Details

#add_agent(options = {}) ⇒ Object

Add a new agent

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :name (name)

    Name of the agent

  • :ip (ip)

    Agent IP. If this is not included, the API will get the IP automatically. If you are behind a proxy, you must set the option config.BehindProxyServer to yes in config.js. Allowed values: IP, IP/NET, ANY

  • :force (force)

    Remove the old agent with the same IP if disconnected since <force> seconds.

# File 'lib/wazuh/api/endpoints/agents.rb', line 176

def add_agent(options = {})
  post '/agents', options
end

#add_agent_quick(agent_name) ⇒ Object

Adds a new agent with name :agent_name. This agent will use ANY as IP.

Parameters:

  • agent_name (String)

    Name of the agent

# File 'lib/wazuh/api/endpoints/agents.rb', line 210

def add_agent_quick(agent_name)
  put "/agents/#{agent_name}"
end

#add_agent_to_group(agent_id, group_id, options = {}) ⇒ Object

Add agent group. Adds an agent to the specified group.

Parameters:

  • agent_id (String)

    Agent unique ID

  • group_id (String)

    Group ID

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • force_single_group (Bool)

    Whether to append new group to current agent’s group or replace it.

# File 'lib/wazuh/api/endpoints/agents.rb', line 280

def add_agent_to_group(agent_id, group_id, options = {})
  put "/agents/#{agent_id}/group/#{group_id}", options
end

#add_agents_to_group(ids, group_id) ⇒ Object

Add a list of agents to a group. Adds a list of agents to the specified group.

Parameters:

  • ids (Array[String])

    List of agent IDs

  • group_id (String)

# File 'lib/wazuh/api/endpoints/agents.rb', line 266

def add_agents_to_group(ids, group_id)
  post "/agents/group/#{group_id}", {ids: ids}
end

#agent(agent_id, options = {}) ⇒ Sawyer::Resource

Returns various information from an agent.

Parameters:

  • agent_id (String)

    ID of the agent

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :select (select)

    List of selected fields separated by commas.

Returns:

  • (Sawyer::Resource)

    Returns Sawyer::Resource

# File 'lib/wazuh/api/endpoints/agents.rb', line 37

def agent(agent_id, options = {})
  get "/agents/#{agent_id}", options
end

#agent_by_name(agent_name, options = {}) ⇒ Sawyer::Resource

Returns various information from an agent called :agent_name.

Parameters:

  • agent_name (String)

    Name of the agent

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :select (select)

    List of selected fields separated by commas.

Returns:

  • (Sawyer::Resource)

    Returns Sawyer::Resource

# File 'lib/wazuh/api/endpoints/agents.rb', line 49

def agent_by_name(agent_name, options = {})
  get "/agents/name/#{agent_name}", options
end

#agent_config(agent_id, component, configuration) ⇒ Object

Get active configuration

Parameters:

  • agent_id (String)
  • component (String)

    Selected component. Allowed values: see the documentation.

  • configuration (String)

    Selected configuration. Allowed values: see the documentation.

# File 'lib/wazuh/api/endpoints/agents.rb', line 238

def agent_config(agent_id, component, configuration)
  get "/agents/#{agent_id}/config/#{component}/#{configuration}"
end

#agent_key(agent_id, options = {}) ⇒ String

Get agent key. Returns the key of an agent.

Parameters:

  • agent_id (String)

    ID of the agent

Returns:

  • (String)

    Returns the key of an agent

# File 'lib/wazuh/api/endpoints/agents.rb', line 60

def agent_key(agent_id, options = {})
  get "/agents/#{agent_id}/key"
end

#agent_os_summary(options = {}) ⇒ Object

Get OS summary. Returns a summary of the OS.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • offset (Number)
  • limit (Number)
  • sort (String)
  • search (String)
  • q (String)

# File 'lib/wazuh/api/endpoints/agents.rb', line 436

def agent_os_summary(options = {})
  # Forward offset, limit, sort, search and q to the API
  get "/agents/summary/os", options
end

#agent_summary ⇒ Object

Get agents summary. Returns a summary of the available agents.



# File 'lib/wazuh/api/endpoints/agents.rb', line 444

def agent_summary
  get "/agents/summary"
end

#agent_sync_status(agent_id) ⇒ Object

Get sync status of agent. Returns the sync status in JSON format.



# File 'lib/wazuh/api/endpoints/agents.rb', line 255

def agent_sync_status(agent_id)
  # The resource lives under /agents, like every other endpoint in this module
  get "/agents/#{agent_id}/group/is_sync"
end

#agent_upgrade(agent_id, options = {}) ⇒ Object

Upgrade agent using online repository

Upgrade the agent using a WPK file from online repository.

Parameters:

  • :agent_id (String)
  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :wpk_repo (String)

    WPK repository.

  • :version (String)

    Wazuh version

  • :use_http (Boolean)

    Use protocol HTTP. If it is false use HTTPS. By default the value is set to false.

  • :force (Integer)

    Force upgrade. Allowed values: 0 or 1.

# File 'lib/wazuh/api/endpoints/agents.rb', line 160

def agent_upgrade(agent_id, options = {})
  put "/agents/#{agent_id}/upgrade", options
end

#agent_upgrade_custom(agent_id, options = {}) ⇒ Object

Upgrade agent using custom file.

Parameters:

  • :agent_id (String)

    Agent unique ID.

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :file_path (String)

    Path to the WPK file. The file must be in a folder inside the Wazuh installation directory (by default, /var/ossec).

  • :installer (String)

    Installation script.

# File 'lib/wazuh/api/endpoints/agents.rb', line 143

def agent_upgrade_custom(agent_id, options = {})
  put "/agents/#{agent_id}/upgrade_custom", options
end

#agents_by_group(group_id, options = {}) ⇒ Object

Get agents in a group. Returns the list of agents in a group.

Parameters:

  • group_id (String)

    Group ID

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • offset (Number)
  • limit (Number)
  • select (String)
  • sort (String)
  • search (String)
  • status (String)
  • q (String)

# File 'lib/wazuh/api/endpoints/agents.rb', line 321

def agents_by_group(group_id, options = {})
  offset_request('get', "/agents/groups/#{group_id}", options)
end

#agents_by_no_group(options = {}) ⇒ Object

Get agents without group. Returns a list with the available agents without group.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • offset (Number)
  • limit (Number)
  • select (String)
  • sort (String)
  • search (String)
  • status (String)
  • q (String)

# File 'lib/wazuh/api/endpoints/agents.rb', line 336

def agents_by_no_group(options = {})
  # Leading slash added so the path is rooted like the other endpoints
  get '/agents/no_group', options
end

#all_agents(options = {}) ⇒ Array

Returns a list with the available agents.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :offset (String)

    First element to return in the collection.

  • :limit (String)

    Maximum number of elements to return.

  • :select (String)

    Select which fields to return (separated by comma).

  • :sort (String)

    Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.

  • :search (String)

    Looks for elements with the specified string.

  • :status (String)

    Filters by agent status. Use commas to enter multiple statuses. Allowed values: active, pending, neverconnected, disconnected

  • :older_than (String)

    Filters out disconnected agents for longer than specified. Time in seconds, ‘[n_days]d’, ‘[n_hours]h’, ‘[n_minutes]m’ or ‘[n_seconds]s’. For never connected agents, uses the register date.

Returns:

  • (Array)

    Returns Array containing agents

# File 'lib/wazuh/api/endpoints/agents.rb', line 25

def all_agents(options = {})
  offset_request('get', '/agents', options)
end

#create_group(group_id) ⇒ Object

Create a group. Creates a new group.

Parameters:

  • group_id (String)

    Group ID

# File 'lib/wazuh/api/endpoints/agents.rb', line 290

def create_group(group_id)
  put "/agents/groups/#{group_id}"
end

#delete_agent(agent_id, options = {}) ⇒ Object

Delete an agent. Removes an agent.

Parameters:

  • agent_id (String)
  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • purge (Bool)

    Delete an agent from the key store. This parameter is only valid if purge is set to no in the manager’s ossec.conf.

# File 'lib/wazuh/api/endpoints/agents.rb', line 187

def delete_agent(agent_id, options = {})
  delete "/agents/#{agent_id}", options
end

#delete_agent_by_group(ids) ⇒ Object

Delete a list of groups



# File 'lib/wazuh/api/endpoints/agents.rb', line 245

def delete_agent_by_group(ids)
  delete '/agents/groups', {ids: ids}
end

#delete_agents(options = {}) ⇒ Object

Delete agents. Removes agents, using a list of them or a criterion based on the status or time of the last connection.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • ids (String)

    Agent IDs separated by commas.

  • purge (Bool)

    Delete an agent from the key store. This parameter is only valid if purge is set to no in the manager’s ossec.conf.

  • status (String)

    Filters by agent status. Use commas to enter multiple statuses. Allowed values: active, pending, neverconnected, disconnected

  • older_than (String)

    Filters out disconnected agents for longer than specified. Time in seconds, ‘[n_days]d’, ‘[n_hours]h’, ‘[n_minutes]m’ or ‘[n_seconds]s’. For never connected agents, uses the register date. Default value: 7d.



# File 'lib/wazuh/api/endpoints/agents.rb', line 201

def delete_agents(options = {})
  delete '/agents', options
end
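
Because delete_agents removes every agent that matches the filter, a caller can check the filter before sending it. The following is an added example, not part of the gem: it validates :status and :older_than against the values documented above and returns the options hash to pass to delete_agents. The helper names and the `min_age` floor are hypothetical local policy, not Wazuh settings.

```ruby
# Values copied from the delete_agents option list above.
ALLOWED_STATUSES = %w[active pending neverconnected disconnected].freeze
UNIT_SECONDS = { 'd' => 86_400, 'h' => 3_600, 'm' => 60, 's' => 1 }.freeze

# Converts an older_than value (plain seconds, or Nd / Nh / Nm / Ns) to
# seconds. Returns nil when the value matches none of the documented forms.
def older_than_seconds(value)
  m = /\A(\d+)([dhms])?\z/.match(value.to_s)
  m && m[1].to_i * UNIT_SECONDS.fetch(m[2] || 's')
end

# Builds the options hash for delete_agents and raises ArgumentError instead
# of letting a malformed or overly broad filter reach the API.
# min_age is a hypothetical local policy floor (assumption), in seconds.
def checked_delete_filter(status:, older_than: '7d', min_age: 86_400)
  statuses = status.to_s.split(',').map(&:strip)
  raise ArgumentError, 'status filter is empty' if statuses.empty?
  unknown = statuses - ALLOWED_STATUSES
  raise ArgumentError, "unknown status: #{unknown.join(',')}" unless unknown.empty?
  age = older_than_seconds(older_than)
  raise ArgumentError, "bad older_than: #{older_than.inspect}" if age.nil?
  raise ArgumentError, "older_than below the #{min_age}s floor" if age < min_age
  { status: statuses.join(','), older_than: older_than.to_s }
end

# Constructed inputs: one acceptable filter and three that are refused.
[
  { status: 'disconnected,neverconnected', older_than: '30d' },
  { status: 'offline', older_than: '30d' },
  { status: 'disconnected', older_than: '1w' },
  { status: 'disconnected', older_than: '10m' }
].each do |args|
  begin
    puts checked_delete_filter(**args).inspect
  rescue ArgumentError => e
    puts "refused #{args.inspect}: #{e.message}"
  end
end
```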

#distinct_fields_in_agents(options = {}) ⇒ Object

Returns all the different combinations that agents have for the selected fields. It also indicates the total number of agents that have each combination.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :offset (offset)

    First element to return in the collection.

  • :limit (limit)

    Maximum number of elements to return.

  • :sort (sort)

    Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.

  • :search (search)

    Looks for elements with the specified string.

  • :fields (fields)

    List of fields affecting the operation.

  • :select (select)

    List of selected fields separated by commas.

  • :q (q)

    Query to filter results. For example, q="status=Active"

# File 'lib/wazuh/api/endpoints/agents.rb', line 105

def distinct_fields_in_agents(options = {})
  get '/agents/stats/distinct', options
end

#get_file_in_group(group_id, filename, options = {}) ⇒ Object

Get a file in group. Returns the specified file belonging to the group parsed to JSON.

Parameters:

  • group_id (String)

    Group ID

  • filename (String)

    Filename

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • type (String)
  • format (String)

# File 'lib/wazuh/api/endpoints/agents.rb', line 304

def get_file_in_group(group_id, filename, options = {})
  # Leading slash added so the path is rooted like the other endpoints
  get "/agents/groups/#{group_id}/files/#{filename}", options
end

#group_configuration(group_id, options = {}) ⇒ Object

Get group configuration

Parameters:

  • group_id (String)
  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • offset (Number)
  • limit (Number)

# File 'lib/wazuh/api/endpoints/agents.rb', line 346

def group_configuration(group_id, options = {})
  get "/agents/groups/#{group_id}/configuration", options
end

#group_files(group_id, options = {}) ⇒ Object

Get group files. Returns the files belonging to the group.

Parameters:

  • group_id (String)
  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • offset (Number)
  • limit (Number)
  • sort (String)
  • search (String)
  • hash (String)

# File 'lib/wazuh/api/endpoints/agents.rb', line 360

def group_files(group_id, options = {})
  get "/agents/groups/#{group_id}/files", options
end

#groups(options = {}) ⇒ Object

Get groups. Returns the list of existing agent groups.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • offset (Number)
  • limit (Number)
  • sort (String)
  • search (String)
  • hash (String)
  • q (String)


# File 'lib/wazuh/api/endpoints/agents.rb', line 373

def groups(options = {})
  get '/agents/groups', options
end

#insert_agent(options = {}) ⇒ Object

Insert an agent with an existing id and key.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :name (name)

    Name of the agent

  • :ip (ip)

    If this is not included, the API will get the IP automatically. If you are behind a proxy, you must set the option config.BehindProxyServer to yes in config.js. Allowed values: IP, IP/NET, ANY

  • :id (id)

    ID of the agent

  • :key (key)

    Agent key. Minimum length: 64 characters. Allowed values: ^[a-zA-Z0-9]+$

  • :force (force)

    Remove the old agent with the same IP if disconnected since <force> seconds.



# File 'lib/wazuh/api/endpoints/agents.rb', line 227

def insert_agent(options = {})
  post '/agents/insert', options
end
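
insert_agent posts the options hash as given, so the constraints listed above are only enforced once the request reaches the API. The following is an added example, not part of the gem: it checks :key and :ip on the client side before the call. The helper names and the sample values are hypothetical, and treating :force as a whole number of seconds is an assumption.

```ruby
require 'ipaddr'

# Limits taken from the :key description above. The page writes the pattern
# with ^ and $; in Ruby those match at line breaks, so \A and \z are used to
# reject a key that carries extra lines after a valid first line.
KEY_PATTERN = /\A[a-zA-Z0-9]+\z/
KEY_MIN_LENGTH = 64

# True for the documented :ip forms: IP, IP/NET or the literal ANY.
def valid_agent_ip?(value)
  return true if value == 'ANY'
  addr, prefix, extra = value.to_s.split('/', -1)
  return false if addr.nil? || addr.empty? || extra
  ip = IPAddr.new(addr) # raises on anything that is not an address
  return true if prefix.nil?
  prefix.match?(/\A\d{1,3}\z/) && prefix.to_i <= (ip.ipv4? ? 32 : 128)
rescue IPAddr::Error
  false
end

# Returns a list of problems; an empty list means the options meet every
# constraint stated for insert_agent. Treating :force as a whole number of
# seconds is an assumption drawn from the "<force> seconds" wording.
def insert_agent_problems(options)
  problems = []
  key = options[:key].to_s
  problems << ':key is shorter than 64 characters' if key.length < KEY_MIN_LENGTH
  problems << ':key has characters outside a-zA-Z0-9' unless key.match?(KEY_PATTERN)
  if options.key?(:ip) && !valid_agent_ip?(options[:ip])
    problems << ':ip is not IP, IP/NET or ANY'
  end
  if options.key?(:force) && !options[:force].to_s.match?(/\A\d+\z/)
    problems << ':force is not a whole number of seconds'
  end
  problems
end

# Constructed sample input; the key is a placeholder, not a real agent key.
SAMPLE = { name: 'web-01', id: '005', ip: '10.0.0.0/24', key: 'a1B2' * 16, force: 60 }.freeze

puts insert_agent_problems(SAMPLE).inspect
puts insert_agent_problems(SAMPLE.merge(key: "#{'a' * 64}\nx", ip: '10.0.0.0/33')).inspect
```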

#outdated_agents(options = {}) ⇒ Object

Returns the list of outdated agents.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :offset (offset)

    First element to return in the collection.

  • :limit (limit)

    Maximum number of elements to return.

  • :sort (sort)

    Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.

  • :q (q)

    Query to filter results. For example, q="status=Active"

# File 'lib/wazuh/api/endpoints/agents.rb', line 120

def outdated_agents(options = {})
  get '/agents/outdated', options
end

#remove_agent_of_group(agent_id, group_id) ⇒ Object

Remove a single group of an agent. Removes the group from the agent but leaves the rest of its groups if it belongs to a multigroup.



# File 'lib/wazuh/api/endpoints/agents.rb', line 395

def remove_agent_of_group(agent_id, group_id)
  delete "/agents/#{agent_id}/group/#{group_id}"
end

#remove_agents_of_group(ids, groups) ⇒ Object

Remove a single group of multiple agents. Removes a list of agents from a group.



# File 'lib/wazuh/api/endpoints/agents.rb', line 405

def remove_agents_of_group(ids, groups)
  # groups is the ID of the group the listed agents are removed from
  delete "/agents/group/#{groups}", {ids: ids}
end

#remove_all_agent_of_group(agent_id) ⇒ Object

Remove all agent groups. Removes the group of the agent. The agent will automatically revert to the ‘default’ group.



# File 'lib/wazuh/api/endpoints/agents.rb', line 414

def remove_all_agent_of_group(agent_id)
  delete "/agents/#{agent_id}/group"
end

#remove_group(group_id) ⇒ Object

Remove group. Removes the group. Agents that were assigned to the removed group will automatically revert to the ‘default’ group.



# File 'lib/wazuh/api/endpoints/agents.rb', line 423

def remove_group(group_id)
  delete "/agents/groups/#{group_id}"
end

#restart_agents(options = {}) ⇒ Object

Restarts a list of agents.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :ids (ids)

    Array of agent IDs.

# File 'lib/wazuh/api/endpoints/agents.rb', line 69

def restart_agents(options = {})
  post '/agents/restart', options
end

#restart_all_agents ⇒ Object

Restarts all agents.



# File 'lib/wazuh/api/endpoints/agents.rb', line 75

def restart_all_agents()
  put '/agents/restart'
end

#restart_an_agents(agent_id, options = {}) ⇒ Object

Restart an agent.

Parameters:

  • agent_id (String)

    Agent unique ID.

# File 'lib/wazuh/api/endpoints/agents.rb', line 84

def restart_an_agents(agent_id, options = {})
  put "/agents/#{agent_id}/restart"
end

#update_group_ossec_configuration(group_id, config) ⇒ Object

Put configuration file (agent.conf) into a group. Uploads the group configuration (agent.conf).



# File 'lib/wazuh/api/endpoints/agents.rb', line 383

def update_group_ossec_configuration(group_id, config)
  # post "/agents/groups/#{group_id}/configuration"
  # TODO : use Content-type: application/xml
  raise "This method is not yet implemented"
end

#upgrade_result_from_agent(agent_id, options = {}) ⇒ Object

Returns the upgrade result from an agent.

Parameters:

  • agent_id (String)

    ID of the agent

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :timeout (timeout)

    Seconds to wait for the agent to respond.



# File 'lib/wazuh/api/endpoints/agents.rb', line 130

def upgrade_result_from_agent(agent_id, options = {})
  get "/agents/#{agent_id}/upgrade_result", options
end