Fixed problems with environment variables & updated README

MANIFEST

-VERSION=v0.0.7
+VERSION=v0.0.9
 SERVICE=evidence-collector

README.md

@@ -4,7 +4,7 @@ This project includes modules for collecting evidence regarding Wazuh and VAT an
 
 ## Wazuh evidence collector
 
-Wazuh evidence collector uses [Wazuh's API](https://documentation.wazuh.com/current/user-manual/api/reference.html) to access information about manager's and agents' system informations and configurations. As an additional measure to ensure correct configuration of [ClamAV](https://www.clamav.net/) (if installed on machine) we also make use of [Elasticsearch's API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search.html) to dirrectly access collected logs - Elastic stack is one of the Wazuh's required components (usually installed on the same machine as Wazuh server, but can be stand alone as well).
+Wazuh evidence collector uses [Wazuh's API](https://documentation.wazuh.com/current/user-manual/api/reference.html) to access information about manager's and agents' system informations and configurations. As an additional measure to ensure correct configuration of [ClamAV](https://www.clamav.net/) (if installed on machine) we also make use of [Elasticsearch's API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search.html) to dirrectly access collected logs | Elastic stack is one of the Wazuh's required components (usually installed on the same machine as Wazuh server, but can be stand alone as well).
 
 ## Installation & use
 
@@ -78,26 +78,28 @@ Wazuh evidence collector uses [Wazuh's API](https://documentation.wazuh.com/curr
 
 ### Environment variables
 
-Required environment variables (if deployed localy) are located and can be set in `.env` file. 
+Required environment variables (if deployed locally) are located and can be set in `.env` file. 
 
 Variables used when deploying to Kubernetes can be edited in `data` section of `/kubernetes/wazuh-vat-evidence-collector-configmap.yaml` file.
 
 All of the following environment variables have to be set (or passed to container) for `evidence-collector` to work:
 
-- `demo_mode`,
-- `wazuh_host`,
-- `wazuh_port`,
-- `wazuh_username`,
-- `wazuh_password`,
-- `elastic_host`,
-- `elastic_port`,
-- `elastic_username`,
-- `elastic_password`,
-- `redis_host`,
-- `redis_port`,
-- `redis_queue`,
-- `clouditor_host`,
-- `clouditor_port`.
+| Variable | Description |
+| ---------- | ---------- |
+| `demo_mode` | Default value `false`. Set to `true` in case Evidence collector runs alone (without `security-monitoring` framework) locally - generates dummy data. |
+| `wazuh_host` | Wazuh manager host's IP address. |
+| `wazuh_port` | Wazuh manager port. Default value `55000`. |
+| `wazuh_username` | Wazuh manager's username. |
+| `wazuh_password` | Wazuh manager's password. |
+| `elastic_host` | Elasticsearch host's IP address. Usually same as `wazuh_host`. |
+| `elastic_port` | Elasticsearch port. Default value `9200`. |
+| `elastic_username` | Elasticsearch's username. |
+| `elastic_password` | Elasticsearch's password. |
+| `redis_host` | Redis server host's IP address. Usually `localhost`. |
+| `redis_port` | Redis server port. Default value `6379`. |
+| `redis_queue` | Redis queue name. |
+| `clouditor_host` | Clouditor host's IP address. |
+| `clouditor_port` | Clouditor port. Default value `9090`. |
 
 ### Generate gRPC code from `.proto` files
 
@@ -136,7 +138,7 @@ $ curl --user admin:changeme --insecure -X GET "https://192.168.33.10:9200/wazuh
   }'
 ```
 
-### Running [RQ](https://github.com/rq/rq) and [RQ-scheduler](https://github.com/rq/rq-scheduler) localy
+### Running [RQ](https://github.com/rq/rq) and [RQ-scheduler](https://github.com/rq/rq-scheduler) locally
 
 1. Install (if needed) and run `redis-server`:
 

forward_evidence/forward_evidence.py

@@ -3,7 +3,7 @@ import grpc
 import os
 
 CLOUDITOR_HOST = os.environ.get("clouditor_host")
-CLOUDITOR_PORT = os.environ.get("clouditor_port")
+CLOUDITOR_PORT = int(os.environ.get("clouditor_port"))
 
 class ForwardEvidence(object):
 

kubernetes/wazuh-vat-evidence-collector-configmap.yaml

@@ -3,20 +3,21 @@ kind: ConfigMap
 metadata:
     name: wazuh-vat-evidence-collector-env
 data:
-    demo_mode: true
-    wazuh_host: localhost
-    wazuh_port: 55000
-    wazuh_username: wazuh-wui
-    wazuh_password: wazuh-wui
+    demo_mode: 'true'
 
-    elastic_host: localhost
-    elastic_port: 9200
-    elastic_username: admin
-    elastic_password: changeme
+    wazuh_host: 'localhost'
+    wazuh_port: '55000'
+    wazuh_username: 'wazuh-wui'
+    wazuh_password: 'wazuh-wui'
 
-    redis_host: localhost
-    redis_port: 6379
-    redis_queue: low
+    elastic_host: 'localhost'
+    elastic_port: '9200'
+    elastic_username: 'admin'
+    elastic_password: 'changeme'
         
-    clouditor_host: security-assessment-svc
-    clouditor_port: 9090
\ No newline at end of file
+    redis_host: 'localhost'
+    redis_port: '6379'
+    redis_queue: 'low'
+        
+    clouditor_host: 'security-assessment-svc'
+    clouditor_port: '9090'
\ No newline at end of file

scheduler/scheduler.py

@@ -6,7 +6,7 @@ from wazuh_evidence_collector import wazuh_evidence_collector
 from wazuh_evidence_collector.wazuh_evidence_collector import LOGGER
 
 REDIS_HOST = os.environ.get("redis_host")
-REDIS_PORT = os.environ.get("redis_port")
+REDIS_PORT = int(os.environ.get("redis_port"))
 REDIS_QUEUE = os.environ.get("redis_queue")
 
 def remove_jobs(scheduler):

wazuh_evidence_collector/checker.py

@@ -2,7 +2,6 @@ from wazuh_evidence_collector.wazuh_client import WazuhClient
 from elasticsearch import Elasticsearch
 from elasticsearch_dsl import Search
 
-
 class Checker:
     def __init__(self, wc, es):
         self.wc = wc

wazuh_evidence_collector/wazuh_evidence_collector.py

@@ -14,15 +14,15 @@ import logging.config
 logging.config.fileConfig('logging.conf')
 LOGGER = logging.getLogger('root')
 
-DEMO = os.environ.get("demo_mode")
+DEMO = os.environ.get("demo_mode").lower() in ('true', '1', 't')
 
 WAZUH_HOST = os.environ.get("wazuh_host")
-WAZUH_PORT = os.environ.get("wazuh_port")
+WAZUH_PORT = int(os.environ.get("wazuh_port"))
 WAZUH_USERNAME = os.environ.get("wazuh_username")
 WAZUH_PASSWORD = os.environ.get("wazuh_password")
 
 ELASTIC_HOST = os.environ.get("elastic_host")
-ELASTIC_PORT = os.environ.get("elastic_port")
+ELASTIC_PORT = int(os.environ.get("elastic_port"))
 ELASTIC_USERNAME = os.environ.get("elastic_username")
 ELASTIC_PASSWORD = os.environ.get("elastic_password")