Enhance StatisticMonitor with API support #4970

Merged
merged 20 commits into from
Feb 22, 2024

Deblintrake09
Contributor

Description

This PR enhances the StatisticMonitor class to enable using the API for analysisd events and remoted stats.

  • New parameter use_api added, called with -a and --use_api. It is used with remoted to get remote data from the API.
  • analysis_events are recovered by default from the API.

Testing performed

OS Package used
Ubuntu 22 4.8.0-beta1
Validation Jenkins Local OS Commit Notes
Artifacts are generated ⚫⚫ local_artifacts.zip Ubuntu22 Nothing to highlight

@Deblintrake09 requested a review from Rebits February 16, 2024 15:36
@Deblintrake09 self-assigned this Feb 16, 2024
@Deblintrake09 linked an issue Feb 16, 2024 that may be closed by this pull request
3 tasks
Member

@Rebits left a comment

Good job. Some changes are required.

urllib3.disable_warnings()

API_URL="https://localhost:55000"
DAEMONS_ENDPOINT="/manager/daemons/stats?daemons_list=wazuh-analysisd,wazuh-remoted,wazuh-db"
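
Review bot: `urllib3.disable_warnings()` at module level, called with no category, silences every urllib3 warning for the whole process, not only the one triggered by the `verify=False` request later in this change. Pass `urllib3.exceptions.InsecureRequestWarning` explicitly, or drop the call once certificate verification is configurable, so unrelated TLS warnings stay visible.
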
Member

Hardcoded daemons endpoint

Contributor Author

Fixed in 8128e8a

import wazuh_testing.tools as tls
urllib3.disable_warnings()

API_URL="https://localhost:55000"
Member

Hardcoded api url and port

Contributor Author

Fixed in 8128e8a

Comment on lines 1 to 3



Member

Suggested change

Contributor Author

Fixed in 8128e8a

@@ -26,13 +26,16 @@ def get_script_arguments():
formatter_class=argparse.RawTextHelpFormatter)
parser.add_argument('-t', '--target', dest='target_list', required=True, type=str, nargs='+', action='store',
help='Type the statistics target to collect separated by whitespace. '
'Targets: agent, logcollector, remote and analysis.')
'Targets: agent, logcollector, remote, analysis_events, analysisd_state and wazuhdb')
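
Review bot: the accepted target names exist only in the help text of the `--target` argument, so a misspelled name is not rejected at parse time. Adding `choices=[...]` with the supported names to this `add_argument` call would make argparse stop with a usage error before any monitor is created.
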
Member

This could affect other QA processes. Did it only affect test_cluster https://github.com/wazuh/wazuh-jenkins/pull/6276/files?

@@ -40,44 +52,56 @@ class StatisticMonitor:
dst_dir (str): directory to store the CSVs. Defaults to temp directory.
csv_file (str): path to the CSV file.
target (str): target file to monitor.
parse_json (bool): Determine if the file is a JSON file. Default False.
Member

Suggested change
parse_json (bool): Determine if the file is a JSON file. Default False.

data = daemons_response.json()['data']['affected_items']
self._write_csv(data, self.target, self.csv_file)
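
Review bot: `daemons_response.json()['data']['affected_items']` assumes every 200 response carries that exact shape; a body that is not JSON or lacks either key raises on this line with no indication of what the API returned. Check for the keys (or catch the decode and key errors) and log the response body before calling `_write_csv`.
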


Member

Suggested change

Comment on lines 149 to 156
if response.status_code != 200:
logging.info("Retrying get API data, status code {}".format(response.status_code))
return self._parse_api_data()

daemons_response = requests.get(API_URL + DAEMONS_ENDPOINT, verify=False, headers={'Authorization': 'Bearer ' + response.json()['data']['token']})
if daemons_response.status_code != 200:
logging.info("Retrying get API data, status code {}".format(response.status_code))
return self._parse_api_data()
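
Review bot: `verify=False` on the `requests.get` call sends the bearer token over a connection whose server certificate is never checked, so whatever answers on the API address receives a valid token. Take a CA bundle path (or an explicit opt-out flag) from the script arguments and pass it as `verify=`, keeping verification on by default. Separately, the second `logging.info` formats `response.status_code`; it should report `daemons_response.status_code`, otherwise the log shows the status of the authentication call rather than the failed stats call.
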
Member

Infinite loop. We should include some minor logic in order to prevent credential and other errors. In addition, logging should be error instead of info.

Contributor Author

fixed in 135c652
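
A bounded form of the retry discussed in this thread, as an added example that is not the code from this pull request or from commit 135c652: credential errors fail immediately, transient errors are retried a fixed number of times and logged at error level. The names `call_with_retries`, `get_daemon_stats`, `ApiError` and `FakeEndpoint`, the set of retryable status codes and the `name` field in the sample item are assumptions made for the example; the HTTP calls are injected as callables so it runs offline.

```python
import logging
import time

RETRYABLE = {429, 500, 502, 503, 504}  # assumed transient set; 401/403 are never retried


class ApiError(RuntimeError):
    """Raised when a call cannot succeed or the retry budget is spent."""


def call_with_retries(send, attempts=3, delay=1.0, sleep=time.sleep):
    """Run send() -> (status_code, json_body) at most `attempts` times."""
    for attempt in range(1, attempts + 1):
        status, body = send()
        if status == 200:
            return body
        if status not in RETRYABLE:
            # Bad credentials or a malformed request will not fix themselves.
            raise ApiError(f'status {status} is not retryable')
        logging.error('API returned %s (attempt %d/%d)', status, attempt, attempts)
        if attempt < attempts:
            sleep(delay * 2 ** (attempt - 1))  # exponential backoff
    raise ApiError(f'gave up after {attempts} attempts')


def get_daemon_stats(authenticate, fetch_stats, **retry):
    """Authenticate, then fetch stats with the token; both calls are bounded."""
    token = call_with_retries(authenticate, **retry)['data']['token']
    body = call_with_retries(lambda: fetch_stats(token), **retry)
    return body['data']['affected_items']


class FakeEndpoint:
    """Constructed stand-in for an HTTP call: replays canned (status, body) pairs."""

    def __init__(self, *replies):
        self.replies, self.calls = list(replies), 0

    def __call__(self, *_args):
        self.calls += 1
        # Keep returning the last reply once the canned list is used up.
        return self.replies[min(self.calls, len(self.replies)) - 1]


if __name__ == '__main__':
    login = FakeEndpoint((200, {'data': {'token': 'constructed-token'}}))
    stats = FakeEndpoint((503, {}),
                         (200, {'data': {'affected_items': [{'name': 'wazuh-remoted'}]}}))
    print(get_daemon_stats(login, stats, delay=0, sleep=lambda s: None))
```

In a real script `authenticate` and `fetch_stats` would wrap the HTTP requests and return `(response.status_code, response.json())`.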

timestamp = datetime.fromtimestamp(time()).strftime('%Y-%m-%d %H:%M:%S')

if self.use_api:

Member

Suggested change

Contributor Author

fixed in 135c652

Comment on lines 195 to 200
if target == "analysis_events":
data = data[0]
elif target == "remote":
data = data[1]
elif target == "wazuhdb":
data = data[2]
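
Review bot: `data[0]`, `data[1]` and `data[2]` tie each target to a position in the response list, which only holds while the API returns the items in the same order as the requested daemons; there is also no `else`, so any other target keeps the whole list. Select the entry by an identifying field of the item rather than by index, and raise for a target that has no entry.
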
Member

Hardcoded elements. We should change the monitored process through the API

Contributor Author

fixed in 135c652

Comment on lines 36 to 42
parser.add_argument('-u', '--use_state_file', action='store_true', default=False,
help="Determine if the state files should be used to collect the for analysisd and remoted."
"Use with remoted and analysis to get data from state files. Default False.")
parser.add_argument('-i', '--ip', dest='ip', action='store', default='localhost',
help=f"IP for the API. Default localhost.")
parser.add_argument('-p', '--port', dest='port', action='store', default='55000',
help=f"port for the API. Default localhost.")
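
Review bot: in the `--use_state_file` help the two adjacent string literals are joined without a space, so the rendered text reads `remoted.Use with`, and the `--port` help says `Default localhost` while the default is `'55000'`. Add the separating space and correct the port text; `type=int` on `--port` would also make a non-numeric value fail at parsing, and the `f` prefixes can go since neither string has a placeholder.
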
Member

Suggested change
parser.add_argument('-u', '--use_state_file', action='store_true', default=False,
help="Determine if the state files should be used to collect the for analysisd and remoted."
"Use with remoted and analysis to get data from state files. Default False.")
parser.add_argument('-i', '--ip', dest='ip', action='store', default='localhost',
help=f"IP for the API. Default localhost.")
parser.add_argument('-p', '--port', dest='port', action='store', default='55000',
help=f"port for the API. Default localhost.")
parser.add_argument('-u', '--use_state_file', action='store_true', default=False,
help="Use state files for analysis and remote operations."
"When used with 'remote' and 'analysis', data will be collected from state files; otherwise, the API will be used. Default False.")
parser.add_argument('-i', '--ip', dest='ip', action='store', default='localhost',
help=f"Specify the IP address for the API. Default is 'localhost'.")
parser.add_argument('-p', '--port', dest='port', action='store', default='55000',
help=f"Specify the port for the API. Default is '55000'.")

Contributor Author

Fixed in a9192a5

else:
raise ValueError(f'The target {self.target} is not a valid one.')

state_file = splitext(basename(self.statistics_file))[0]
self.csv_file = join(self.dst_dir, f'{state_file}_stats.csv')
if self.use_state_file == True:
Member

Suggested change
if self.use_state_file == True:
if self.use_state_file:

Contributor Author

Fixed in a1d0448

Comment on lines 191 to 200
if target == "analysis":
csv_header = headers.analysisd_header if self.use_state_file == True else headers.analysisd_events_header
elif target == "logcollector":
csv_header = headers.logcollector_header
elif target == "remote":
csv_header = headers.remoted_header if self.use_state_file == True else headers.remoted_api_header
elif target == "wazuhdb":
csv_header = headers.wazuhdb_header
else:
csv_header = headers.agentd_header
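
Review bot: the final `else` assigns `headers.agentd_header` to every target not matched above, so a mistyped or newly added target is written with the agent header instead of failing. Match `agent` explicitly and raise in the `else`, in the same way this change already does with `raise ValueError(f'The target {self.target} is not a valid one.')`.
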
Member

Suggested change
if target == "analysis":
csv_header = headers.analysisd_header if self.use_state_file == True else headers.analysisd_events_header
elif target == "logcollector":
csv_header = headers.logcollector_header
elif target == "remote":
csv_header = headers.remoted_header if self.use_state_file == True else headers.remoted_api_header
elif target == "wazuhdb":
csv_header = headers.wazuhdb_header
else:
csv_header = headers.agentd_header
if target == "analysis":
csv_header = headers.analysisd_header if self.use_state_file else headers.analysisd_events_header
elif target == "logcollector":
csv_header = headers.logcollector_header
elif target == "remote":
csv_header = headers.remoted_header if self.use_state_file else headers.remoted_api_header
elif target == "wazuhdb":
csv_header = headers.wazuhdb_header
else:
csv_header = headers.agentd_header

Contributor Author

Fixed in b48cd5b

@Deblintrake09 requested a review from Rebits February 21, 2024 16:53
@davidjiglesias merged commit 2702be3 into 4.8.0 Feb 22, 2024
2 of 4 checks passed
@davidjiglesias deleted the enhancement/4890-wazuh-statistics-scripts branch February 22, 2024 07:57
Successfully merging this pull request may close these issues.

Refactor StatesMonitoring class to utilize API instead of .state files
3 participants