Oauth2 implementation

See merge request medina/evidence-collector!9

Matevz Erzen authored 3 years ago and Zitnik, Anze committed 3 years ago

Migration from json config to env variables

Fixed failing CI job

Matevz Erzen authored 3 years ago and Zitnik, Anze committed 3 years ago

Separate malware protection evidence

Data combined in single evidence, updated output struct

Fixed Python image in Dockerfile

Corrected elasticsearch rule.description query

See merge request medina/evidence-collector!5

Squashed commit of the following:

commit 718efd4db1fd64e5baed53d27c149219fab47879
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Thu Jan 20 16:03:58 2022 +0100

    Version up

commit c574b33acd9c5c131e8a2b53ad69ff1a970d2203
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Thu Jan 20 16:02:07 2022 +0100

    Add demo mode function.

    Created an option in constants.json where demo mode can be selected. It will not query wazuh or elastic, just output random evidence.

Some refactoring.

Squashed commit of the following:

commit 11ae9a48f6b41c2dc5b3e00de1b808b75cc39013
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Tue Dec 14 11:40:01 2021 +0100

    Change CI script: build and test all branches

commit fe84541d50ffc6b25d5fff94b1781345ec2b548d
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Tue Dec 14 11:33:07 2021 +0100

    Version up

commit b99df078408ea2649ce59cd2d17c247c04c6a992
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Tue Dec 14 11:25:12 2021 +0100

    Update dockerignore: add (v)env folder.

commit 20944e6743ce112d558fb0205a9347a46c17da8b
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Tue Dec 14 10:56:41 2021 +0100

    Refactoring: move all gRPC-generated files to their own package (grpc_gen).

commit f4dce9c9076a1336dc7d0b5e15759b24c4f9bea7
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Tue Dec 14 10:34:05 2021 +0100

    Use AssessEvidence instead of StoreEvidence RPC on Clouditor.

    Added necessary proto files (removed unneeded) and regenerated python code from them. Also added Google APIs dependencies for grpc code generation. Accordingly updated README. Also updated requirements.txt to include some packages for grpc python code generation and for usage of Google APIs.

    Note that with the call to AssessEvidence, we need to provide an AssessEvidenceRequest object (instead of simply Evidence as before). Most changes of existing code are because of this.

Replaced all print() calls with logger.info/debug. Printing evidence objects. Logging to /var/log/evidence_collector.log and setting tailf to this file in docker entrypoint.
Version 0.0.4.

Squashed commit of the following:

commit 825d1f95a141f8e11703c27889e53a6e16c3cd66
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Wed Dec 1 12:21:26 2021 +0100

    Output logs to /var/log... and tailf in Dockerfile

commit db9b34317d19e42316fc0c5f0a8f60b03b2e4dbc
Author: Anže Žitnik <anze.zitnik@xlab.si>
Date:   Wed Dec 1 12:19:54 2021 +0100

    Introduce logger. Replace all prints.

Updated gRPC message structure

See merge request medina/evidence-collector!4

gRPC implementation

See merge request medina/evidence-collector!3

Merge CI tests to Master

See merge request medina/evidence-collector!2

Added initial Docker image

See merge request medina/evidence-collector!1