Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GCP - Documentation needs an update #4995

Closed
okynos opened this issue Mar 31, 2022 · 1 comment
Closed

GCP - Documentation needs an update #4995

okynos opened this issue Mar 31, 2022 · 1 comment
Assignees
@davidjiglesias
Labels
documentation gcp GCP wodle documentation type: refactor Enhancement

Comments

@okynos
Copy link
Contributor

okynos commented Mar 31, 2022
edited by davidjiglesias
Loading

Component Installation Operating system Issue
Documentation step by step CentOS 7 #12898

Description

The documentation page Configuring GCP credentials contains old screenshot of GCP web interface it isn't clear to the user

Old image
image

New interface
image

Description

The create topic section has old images we need to update it:
Old
image

New
image

Description

The create subscription section is not needed, the subscription is automatically created when the topic is created.

Description

The documentation of pub sub GCP module for Wazuh lacks of examples inside the documentation.
You have to look at the user manual section when the bucket configuration has an example inside its own section.
Also, the credentials folder specified in the config example doesn't match with the 4.3.0 directories
Example: wodles/gcp-pubsub
Real folder: /var/ossec/wodles/gcloud/pubsub/

I wish to include a better explanation of what is each parameter. The current documentation seems to lack of detail to fully understand what parameters are required into Wazuh configuration block.
Being direct the project id tag need to be the project ID related to the topic created in our case wazuh-dev-258815
and the subscription name is the name given to the subscription at creation time in our case wazuh-gcloud-test-sub2
image

GCP bucket config example

<gcp-bucket>
   <run_on_start>yes</run_on_start>
   <interval>1m</interval>
   <logging>debug</logging>
   <bucket type="access_logs">
       <name>wazuh-gcloud-test-bucket</name>
       <credentials_file>wodles/gcloud/pubsub/credentials.json</credentials_file>
   </bucket>
 </gcp-bucket>

Required permissions.
image

GCP Pub/Sub configuration

<gcp-pubsub>
    <pull_on_start>yes</pull_on_start>
    <interval>1m</interval>
    <project_id>wazuh-dev-ID</project_id>
    <subscription_name>wazuh-gcloud-test-sub2</subscription_name>
    <logging>debug</logging>
    <credentials_file>wodles/gcloud/pubsub/credentials.json</credentials_file>
</gcp-pubsub>

Required permissions inside service account:
image
@davidjiglesias davidjiglesias transferred this issue from wazuh/wazuh Mar 31, 2022
@davidjiglesias davidjiglesias added type: refactor Enhancement gcp GCP wodle documentation labels Mar 31, 2022
@davidjiglesias davidjiglesias moved this to Triage in Release 4.3.0 Mar 31, 2022
@okynos okynos mentioned this issue Mar 31, 2022
Closed
4 tasks
@davidjiglesias davidjiglesias self-assigned this Apr 1, 2022
@davidjiglesias davidjiglesias moved this from Triage to Known issues in Release 4.3.0 Apr 1, 2022
@CarlosRS9
Copy link
Contributor

The issue with the Storage Legacy Bucket write role will be reviewed and fixed in #4996.

The reference pages for gcp-bucket and gcp-pubsub will be reviewed and updated in #5699.

The review of the existing screenshot and the addition of new ones will be carried out in #5700.

Repository owner moved this from Known issues to Done in Release 4.3.0 Oct 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davidjiglesias davidjiglesias

Labels
documentation gcp GCP wodle documentation type: refactor Enhancement
Projects
No open projects
Release 4.3.0
Status: Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@okynos @davidjiglesias @CarlosRS9