init commit

Author: FortiShield

.gitignore

@@ -3,7 +3,7 @@ __pycache__
 .pytest_cache
 
 venv
-wazuh_testing.egg-info
+fortishield_testing.egg-info
 dist
 
 # Python bytecode files
@@ -51,13 +51,13 @@ Temporary Items
 # Ignore all local history of files
 .history
 
-# Wazuh tools installation files
-deps/wazuh_testing/build/
-deps/wazuh_testing/dist/
-deps/wazuh_testing/wazuh_testing.egg-info/
+# Fortishield tools installation files
+deps/fortishield_testing/build/
+deps/fortishield_testing/dist/
+deps/fortishield_testing/fortishield_testing.egg-info/
 
 # SearchUI package-lock
-deps/wazuh_testing/wazuh_testing/qa_docs/Search-UI/package-lock.json
+deps/fortishield_testing/fortishield_testing/qa_docs/Search-UI/package-lock.json
 
 # GCP tests configuration file
 tests/integration/test_gcloud/data/configuration.yaml

CHANGELOG.md

@@ -1,23 +1,23 @@
-# Wazuh
+# Fortishield
 
-[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://wazuh.com/community/join-us-on-slack/)
-[![Email](https://img.shields.io/badge/email-join-blue.svg)](https://groups.google.com/forum/#!forum/wazuh)
-[![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.wazuh.com)
-[![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://wazuh.com)
-[![Twitter](https://img.shields.io/twitter/follow/wazuh?style=social)](https://twitter.com/wazuh)
+[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://fortishield.github.io/community/join-us-on-slack/)
+[![Email](https://img.shields.io/badge/email-join-blue.svg)](https://groups.google.com/forum/#!forum/fortishield)
+[![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.fortishield.github.io)
+[![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://fortishield.github.io)
+[![Twitter](https://img.shields.io/twitter/follow/fortishield?style=social)](https://twitter.com/fortishield)
 [![YouTube](https://img.shields.io/youtube/views/peTSzcAueEc?style=social)](https://www.youtube.com/watch?v=peTSzcAueEc)
 
 
-Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments.
+Fortishield is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments.
 
-Wazuh solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents. Besides, Wazuh has been fully integrated with the Elastic Stack, providing a search engine and data visualization tool that allows users to navigate through their security alerts.
+Fortishield solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents. Besides, Fortishield has been fully integrated with the Elastic Stack, providing a search engine and data visualization tool that allows users to navigate through their security alerts.
 
-## Wazuh QA repository
+## Fortishield QA repository
 
-In this repository you will find the tests used in the CI environment to test Wazuh's capabilities and daemons. This is the structure of the repository:
-- `deps/wazuh_testing`: contains a Python's framework used to automatize tasks and interact with Wazuh.
+In this repository you will find the tests used in the CI environment to test Fortishield's capabilities and daemons. This is the structure of the repository:
+- `deps/fortishield_testing`: contains a Python's framework used to automatize tasks and interact with Fortishield.
 - `tests`: directory containing the test suite. These are tests developed using Pytest.
     - `integration`: integration tests of the different daemons/components.
-    - `system`: system tests of Wazuh.
-    - `scans`: tests used to scan and verify Wazuh Python code and dependencies.
+    - `system`: system tests of Fortishield.
+    - `scans`: tests used to scan and verify Fortishield Python code and dependencies.
 - `docs`:  contains the technical documentation about the code and documentation about the tests.

README.md

@@ -1,5 +1,5 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
+# Copyright (C) 2015-2021, Fortishield Inc.
+# Created by Fortishield, Inc. <info@fortishield.github.io>.
 # This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
 
 import logging
@@ -11,64 +11,64 @@
 
 
 if sys.platform == 'win32':
-    WAZUH_PATH = os.path.join("C:", os.sep, "Program Files (x86)", "ossec-agent")
-    LOG_FILE_PATH = os.path.join(WAZUH_PATH, 'ossec.log')
-    SYSCOLLECTOR_DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'syscollector', 'db', 'local.db')
+    FORTISHIELD_PATH = os.path.join("C:", os.sep, "Program Files (x86)", "ossec-agent")
+    LOG_FILE_PATH = os.path.join(FORTISHIELD_PATH, 'ossec.log')
+    SYSCOLLECTOR_DB_PATH = os.path.join(FORTISHIELD_PATH, 'queue', 'syscollector', 'db', 'local.db')
 else:
     if sys.platform == 'darwin':
-        WAZUH_PATH = os.path.join("/", "Library", "Ossec")
+        FORTISHIELD_PATH = os.path.join("/", "Library", "Ossec")
     else:
-        WAZUH_PATH = os.path.join("/var", "ossec")
-    LOG_FILE_PATH = os.path.join(WAZUH_PATH, 'logs', 'ossec.log')
-    SYSCOLLECTOR_DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'syscollector', 'db', 'local.db')
-
-
-WAZUH_CONF_PATH = os.path.join(WAZUH_PATH, 'etc', 'ossec.conf')
-WAZUH_LOGS_PATH = os.path.join(WAZUH_PATH, 'logs')
-CLIENT_KEYS_PATH = os.path.join(WAZUH_PATH, 'etc' if platform.system() == 'Linux' else '', 'client.keys')
-QUEUE_DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'db')
-QUEUE_SOCKETS_PATH = os.path.join(WAZUH_PATH, 'queue', 'sockets')
-WAZUH_DB_SOCKET_PATH = os.path.join(QUEUE_DB_PATH, 'wdb')
-CVE_DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'vulnerabilities', 'cve.db')
-ALERTS_JSON_PATH = os.path.join(WAZUH_PATH, 'logs', 'alerts', 'alerts.json')
-ARCHIVES_LOG_PATH = os.path.join(WAZUH_PATH, 'logs', 'archives', 'archives.log')
-ARCHIVES_JSON_PATH = os.path.join(WAZUH_PATH, 'logs', 'archives', 'archives.json')
-CPE_HELPER_PATH = os.path.join(WAZUH_PATH, 'queue', 'vulnerabilities', 'dictionaries', 'cpe_helper.json')
-WAZUH_API_CONF = os.path.join(WAZUH_PATH, 'api', 'configuration', 'api.yaml')
-WAZUH_SECURITY_CONF = os.path.join(WAZUH_PATH, 'api', 'configuration', 'security', 'security.yaml')
-API_LOG_FILE_PATH = os.path.join(WAZUH_PATH, 'logs', 'api.log')
-API_JSON_LOG_FILE_PATH = os.path.join(WAZUH_PATH, 'logs', 'api.json')
-API_LOG_FOLDER = os.path.join(WAZUH_PATH, 'logs', 'api')
-WAZUH_TESTING_PATH = os.path.dirname(os.path.abspath(__file__))
-CIS_RULESET_PATH = os.path.join(WAZUH_PATH, 'ruleset', 'sca')
-WAZUH_TESTING_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data')
-DEFAULT_AUTHD_PASS_PATH = os.path.join(WAZUH_PATH, 'etc', 'authd.pass')
+        FORTISHIELD_PATH = os.path.join("/var", "ossec")
+    LOG_FILE_PATH = os.path.join(FORTISHIELD_PATH, 'logs', 'ossec.log')
+    SYSCOLLECTOR_DB_PATH = os.path.join(FORTISHIELD_PATH, 'queue', 'syscollector', 'db', 'local.db')
+
+
+FORTISHIELD_CONF_PATH = os.path.join(FORTISHIELD_PATH, 'etc', 'ossec.conf')
+FORTISHIELD_LOGS_PATH = os.path.join(FORTISHIELD_PATH, 'logs')
+CLIENT_KEYS_PATH = os.path.join(FORTISHIELD_PATH, 'etc' if platform.system() == 'Linux' else '', 'client.keys')
+QUEUE_DB_PATH = os.path.join(FORTISHIELD_PATH, 'queue', 'db')
+QUEUE_SOCKETS_PATH = os.path.join(FORTISHIELD_PATH, 'queue', 'sockets')
+FORTISHIELD_DB_SOCKET_PATH = os.path.join(QUEUE_DB_PATH, 'wdb')
+CVE_DB_PATH = os.path.join(FORTISHIELD_PATH, 'queue', 'vulnerabilities', 'cve.db')
+ALERTS_JSON_PATH = os.path.join(FORTISHIELD_PATH, 'logs', 'alerts', 'alerts.json')
+ARCHIVES_LOG_PATH = os.path.join(FORTISHIELD_PATH, 'logs', 'archives', 'archives.log')
+ARCHIVES_JSON_PATH = os.path.join(FORTISHIELD_PATH, 'logs', 'archives', 'archives.json')
+CPE_HELPER_PATH = os.path.join(FORTISHIELD_PATH, 'queue', 'vulnerabilities', 'dictionaries', 'cpe_helper.json')
+FORTISHIELD_API_CONF = os.path.join(FORTISHIELD_PATH, 'api', 'configuration', 'api.yaml')
+FORTISHIELD_SECURITY_CONF = os.path.join(FORTISHIELD_PATH, 'api', 'configuration', 'security', 'security.yaml')
+API_LOG_FILE_PATH = os.path.join(FORTISHIELD_PATH, 'logs', 'api.log')
+API_JSON_LOG_FILE_PATH = os.path.join(FORTISHIELD_PATH, 'logs', 'api.json')
+API_LOG_FOLDER = os.path.join(FORTISHIELD_PATH, 'logs', 'api')
+FORTISHIELD_TESTING_PATH = os.path.dirname(os.path.abspath(__file__))
+CIS_RULESET_PATH = os.path.join(FORTISHIELD_PATH, 'ruleset', 'sca')
+FORTISHIELD_TESTING_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data')
+DEFAULT_AUTHD_PASS_PATH = os.path.join(FORTISHIELD_PATH, 'etc', 'authd.pass')
 TEMPLATE_DIR = 'configuration_template'
 TEST_CASES_DIR = 'test_cases'
 
 
 # Daemons
-LOGCOLLECTOR_DAEMON = 'wazuh-logcollector'
-AGENTLESS_DAEMON = 'wazuh-agentlessd'
-CSYSLOG_DAEMON = 'wazuh-csyslogd'
-REMOTE_DAEMON = 'wazuh-remoted'
-ANALYSISD_DAEMON = 'wazuh-analysisd'
-API_DAEMON = 'wazuh-apid'
-MAIL_DAEMON = 'wazuh-maild'
-SYSCHECK_DAEMON = 'wazuh-syscheckd'
-EXEC_DAEMON = 'wazuh-execd'
-MODULES_DAEMON = 'wazuh-modulesd'
-CLUSTER_DAEMON = 'wazuh-clusterd'
-INTEGRATOR_DAEMON = 'wazuh-integratord'
-MONITOR_DAEMON = 'wazuh-monitord'
-DB_DAEMON = 'wazuh-db'
-AGENT_DAEMON = 'wazuh-agentd'
+LOGCOLLECTOR_DAEMON = 'fortishield-logcollector'
+AGENTLESS_DAEMON = 'fortishield-agentlessd'
+CSYSLOG_DAEMON = 'fortishield-csyslogd'
+REMOTE_DAEMON = 'fortishield-remoted'
+ANALYSISD_DAEMON = 'fortishield-analysisd'
+API_DAEMON = 'fortishield-apid'
+MAIL_DAEMON = 'fortishield-maild'
+SYSCHECK_DAEMON = 'fortishield-syscheckd'
+EXEC_DAEMON = 'fortishield-execd'
+MODULES_DAEMON = 'fortishield-modulesd'
+CLUSTER_DAEMON = 'fortishield-clusterd'
+INTEGRATOR_DAEMON = 'fortishield-integratord'
+MONITOR_DAEMON = 'fortishield-monitord'
+DB_DAEMON = 'fortishield-db'
+AGENT_DAEMON = 'fortishield-agentd'
 
 API_DAEMONS_REQUIREMENTS = [API_DAEMON, DB_DAEMON, EXEC_DAEMON, ANALYSISD_DAEMON, REMOTE_DAEMON, MODULES_DAEMON]
 
 # Paths
-SYSLOG_SIMULATOR = os.path.join(WAZUH_TESTING_PATH, 'scripts', 'syslog_simulator.py')
-ANALYSISD_STATE = os.path.join(WAZUH_PATH, 'var', 'run', 'wazuh-analysisd.state')
+SYSLOG_SIMULATOR = os.path.join(FORTISHIELD_TESTING_PATH, 'scripts', 'syslog_simulator.py')
+ANALYSISD_STATE = os.path.join(FORTISHIELD_PATH, 'var', 'run', 'fortishield-analysisd.state')
 
 # Timeouts
 
@@ -84,19 +84,19 @@
 
 
 # Local internal options
-MODULESD_DEBUG = 'wazuh_modules.debug'
+MODULESD_DEBUG = 'fortishield_modules.debug'
 WINDOWS_DEBUG = 'windows.debug'
 SYSCHECK_DEBUG = 'syscheck.debug'
 VERBOSE_DEBUG_OUTPUT = 2
 
-# Wazuh Service commands
-WAZUH_SERVICES_STOP = 'stop'
-WAZUH_SERVICES_START = 'start'
+# Fortishield Service commands
+FORTISHIELD_SERVICES_STOP = 'stop'
+FORTISHIELD_SERVICES_START = 'start'
 
 
 # Configurations
 DATA = 'data'
-WAZUH_LOG_MONITOR = 'wazuh_log_monitor'
+FORTISHIELD_LOG_MONITOR = 'fortishield_log_monitor'
 
 
 # File Types
@@ -347,7 +347,7 @@ def fim_mode(self, value):
 
 
 global_parameters = Parameters()
-logger = logging.getLogger('wazuh_testing')
+logger = logging.getLogger('fortishield_testing')
 logger.setLevel(logging.DEBUG)
 
 handler = logging.StreamHandler(sys.stderr)

deps/wazuh_testing/wazuh_testing/__init__.py renamed to deps/fortishield_testing/fortishield_testing/__init__.py

@@ -1,5 +1,5 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
+# Copyright (C) 2015-2021, Fortishield Inc.
+# Created by Fortishield, Inc. <info@fortishield.github.io>.
 # This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
 
 import os
@@ -9,10 +9,10 @@
 import ssl
 import json
 
-from wazuh_testing.fim import change_internal_options
-from wazuh_testing.tools import LOG_FILE_PATH, WAZUH_PATH
-from wazuh_testing.tools import monitoring
-from wazuh_testing import logger
+from fortishield_testing.fim import change_internal_options
+from fortishield_testing.tools import LOG_FILE_PATH, FORTISHIELD_PATH
+from fortishield_testing.tools import monitoring
+from fortishield_testing import logger
 
 
 DEFAULT_VALUES = {
@@ -32,16 +32,16 @@
 
 folder = 'etc' if platform.system() == 'Linux' else ''
 
-CLIENT_KEYS_PATH = os.path.join(WAZUH_PATH, folder, 'client.keys')  # for unix add 'etc'
-SERVER_KEY_PATH = os.path.join(WAZUH_PATH, folder, 'manager.key')
-SERVER_CERT_PATH = os.path.join(WAZUH_PATH, folder, 'manager.cert')
-SERVER_PEM_PATH = os.path.join(WAZUH_PATH, folder, 'manager.pem')
-AGENT_KEY_PATH = os.path.join(WAZUH_PATH, folder, 'agent.key')
-AGENT_CERT_PATH = os.path.join(WAZUH_PATH, folder, 'agent.cert')
-AGENT_PEM_PATH = os.path.join(WAZUH_PATH, folder, 'agent.pem')
-AUTHDPASS_PATH = os.path.join(WAZUH_PATH, folder, 'authd.pass')
+CLIENT_KEYS_PATH = os.path.join(FORTISHIELD_PATH, folder, 'client.keys')  # for unix add 'etc'
+SERVER_KEY_PATH = os.path.join(FORTISHIELD_PATH, folder, 'manager.key')
+SERVER_CERT_PATH = os.path.join(FORTISHIELD_PATH, folder, 'manager.cert')
+SERVER_PEM_PATH = os.path.join(FORTISHIELD_PATH, folder, 'manager.pem')
+AGENT_KEY_PATH = os.path.join(FORTISHIELD_PATH, folder, 'agent.key')
+AGENT_CERT_PATH = os.path.join(FORTISHIELD_PATH, folder, 'agent.cert')
+AGENT_PEM_PATH = os.path.join(FORTISHIELD_PATH, folder, 'agent.pem')
+AUTHDPASS_PATH = os.path.join(FORTISHIELD_PATH, folder, 'authd.pass')
 AGENT_AUTH_BINARY_PATH = '/var/ossec/bin/agent-auth' if platform.system() == 'Linux' else \
-    os.path.join(WAZUH_PATH, 'agent-auth.exe')
+    os.path.join(FORTISHIELD_PATH, 'agent-auth.exe')
 
 CONFIG_PATHS = {
     'SERVER_PEM_PATH': SERVER_PEM_PATH,

deps/wazuh_testing/wazuh_testing/agent.py renamed to deps/fortishield_testing/fortishield_testing/agent.py

@@ -1,5 +1,5 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
+# Copyright (C) 2015-2021, Fortishield Inc.
+# Created by Fortishield, Inc. <info@fortishield.github.io>.
 # This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
 
 import json
@@ -9,7 +9,7 @@
 from datetime import datetime
 
 from jsonschema import validate, exceptions
-from wazuh_testing import logger
+from fortishield_testing import logger
 
 _data_path = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data')
 
@@ -61,7 +61,7 @@ def callback_analysisd_agent_id(line):
         return match.group(1)
 
 
-def callback_wazuhdb_message_added_and_modified(item):
+def callback_fortishielddb_message_added_and_modified(item):
     data, _ = item
     match = re.match(r'^agent (\d{3,}) \w+ (save2) (.+)$', data.decode())
     if match:
@@ -72,14 +72,14 @@ def callback_wazuhdb_message_added_and_modified(item):
         return match.group(1), match.group(2), body
 
 
-def callback_wazuh_db_message_deleted(item):
+def callback_fortishield_db_message_deleted(item):
     data, _ = item
     match = re.match(r'^agent (\d{3,}) \w+ (delete) (.+)$', data.decode())
     if match:
         return match.group(1), match.group(2), match.group(3)
 
 
-def get_wazuh_db_message(item, keyword: str = None):
+def get_fortishield_db_message(item, keyword: str = None):
     data, _ = item
     match = re.match(r'^agent (\d{3,}) \w+ (\w+) (.+)$', data.decode())
     if match:
@@ -93,17 +93,17 @@ def get_wazuh_db_message(item, keyword: str = None):
         return match.group(1), match.group(2), body
 
 
-def callback_wazuh_db_message(item):
-    if callback_wazuhdb_message_added_and_modified(item) or callback_wazuh_db_message_deleted(item):
-        return get_wazuh_db_message(item)
+def callback_fortishield_db_message(item):
+    if callback_fortishielddb_message_added_and_modified(item) or callback_fortishield_db_message_deleted(item):
+        return get_fortishield_db_message(item)
 
 
-def callback_wazuh_db_integrity(item):
-    return get_wazuh_db_message(item, keyword='integrity')
+def callback_fortishield_db_integrity(item):
+    return get_fortishield_db_message(item, keyword='integrity')
 
 
-def callback_wazuh_db_scan(item):
-    return get_wazuh_db_message(item, keyword='scan')
+def callback_fortishield_db_scan(item):
+    return get_fortishield_db_message(item, keyword='scan')
 
 
 def callback_fim_alert(line):