From 4ee3ff18884def9d125f0402c4b3b0bac9a9b842 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matev=C5=BE=20Er=C5=BEen?= <matevz.erzen@xlab.si>
Date: Fri, 1 Apr 2022 12:31:15 +0000
Subject: [PATCH] Custom Cron job interval
---
.env | 4 +++-
MANIFEST | 2 +-
Makefile | 4 ++--
README.md | 1 +
kubernetes/wazuh-vat-evidence-collector-configmap.yaml | 4 +++-
scheduler/scheduler.py | 10 ++++------
6 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/.env b/.env
index 908aec1..988071e 100644
--- a/.env
+++ b/.env
@@ -18,4 +18,6 @@ clouditor_host=192.168.33.14
clouditor_port=9090
clouditor_oauth2_port=8080
clouditor_client_id=clouditor
-clouditor_client_secret=clouditor
\ No newline at end of file
+clouditor_client_secret=clouditor
+
+wazuh_check_interval=300
\ No newline at end of file
diff --git a/MANIFEST b/MANIFEST
index ab96834..cfffdec 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -1,2 +1,2 @@
-VERSION=v0.0.13
+VERSION=v0.0.14
SERVICE=evidence-collector
diff --git a/Makefile b/Makefile
index c4e391d..d9784ed 100644
--- a/Makefile
+++ b/Makefile
@@ -5,6 +5,6 @@ run:
docker run --env-file .env -v ${PWD}/resource_id_map.json:/evidence-collector/resource_id_map.json --name evidence-collector evidence-collector
stop-and-clean:
- docker stop evidence-collector || \
- docker rm evidence-collector || \
+ docker stop evidence-collector
+ docker container rm evidence-collector
docker volume rm resource_id_map.json
\ No newline at end of file
diff --git a/README.md b/README.md
index 4d61a10..64ca894 100644
--- a/README.md
+++ b/README.md
@@ -103,6 +103,7 @@ All of the following environment variables have to be set (or passed to containe
| `clouditor_oauth2_port` | Clouditor port used for authentication services. Default value `8080`. |
| `clouditor_client_id` | Clouditor OAuth2 default id. Default value `clouditor`. |
| `clouditor_client_secret` | Clouditor OAuth2 default secret. Default value `clouditor`. |
+| `wazuh_check_interval` | Interval in seconds; how often should evidence be created and forwarded. Should be the same as the check interval set on Wazuh manager. |
### Medina resource ID mapping
diff --git a/kubernetes/wazuh-vat-evidence-collector-configmap.yaml b/kubernetes/wazuh-vat-evidence-collector-configmap.yaml
index faaf1b7..4814a24 100644
--- a/kubernetes/wazuh-vat-evidence-collector-configmap.yaml
+++ b/kubernetes/wazuh-vat-evidence-collector-configmap.yaml
@@ -20,4 +20,6 @@ data:
redis_queue: 'low'
clouditor_host: 'security-assessment-svc'
- clouditor_port: '9090'
\ No newline at end of file
+ clouditor_port: '9090'
+
+ wazuh_check_interval: '300'
\ No newline at end of file
diff --git a/scheduler/scheduler.py b/scheduler/scheduler.py
index 6d78c89..f057809 100644
--- a/scheduler/scheduler.py
+++ b/scheduler/scheduler.py
@@ -9,6 +9,8 @@ REDIS_HOST = os.environ.get("redis_host")
REDIS_PORT = int(os.environ.get("redis_port"))
REDIS_QUEUE = os.environ.get("redis_queue")
+WAZUH_CHECK_INTERVAL = int(os.environ.get("wazuh_check_interval"))
+
def remove_jobs(scheduler):
jobs = scheduler.get_jobs()
for job in jobs:
@@ -23,13 +25,10 @@ redis = Redis(REDIS_HOST, REDIS_PORT)
q = Queue(REDIS_QUEUE, connection=redis)
scheduler = Scheduler(connection=redis)
-# TODO: Remove if needed
remove_jobs(scheduler)
-# TODO: Change cron expression and repeat value for production verion.
-# Should probably be "0 0 * * * ".
scheduler.cron(
- '* * * * * ',
+ '*/' + str(int(WAZUH_CHECK_INTERVAL / 60)) + ' * * * * ',
func=wazuh_evidence_collector.main,
args=[],
repeat=None,
@@ -37,5 +36,4 @@ scheduler.cron(
use_local_timezone=False
)
-# TODO: Remove if needed
-print_jobs(scheduler)
+print_jobs(scheduler)
\ No newline at end of file
--
GitLab