Skip to content

Bugfix/10.8.0/macos #1168

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Kbayero merged 12 commits into from
Apr 21, 2025
Merged

Bugfix/10.8.0/macos #1168

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
e48a97b
feat: Improve installer to add RHELD support
yllada Apr 16, 2025
91977d8
fix: Update windows ARM collector
yllada Apr 16, 2025
435cfca
wip
osmontero Apr 16, 2025
756066c
feat: Add SELinux configuration for RedHat systems
yllada Apr 16, 2025
c1ac489
Merge branch 'bugfix/10.7.2/rhel_support' into bugfix/10.8.0/macos
Kbayero Apr 18, 2025
4e50527
fix interface agent problem
Kbayero Apr 18, 2025
7b909e9
add bad gateway page
Kbayero Apr 18, 2025
1173856
complete macos agent
Kbayero Apr 19, 2025
c8e3f40
feat(module-integration): add SOC AI model selection field
mjabascal10 Apr 18, 2025
589da78
feat(module-integration): add SOC AI model selection field
mjabascal10 Apr 18, 2025
aa82e65
feat(module-integration): add SOC AI model selection field
mjabascal10 Apr 18, 2025
88def5d
feat(module-integration): update MacOS guide
mjabascal10 Apr 21, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion agent/agent/incident_response.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ func commandProcessor(path string, stream AgentService_AgentStreamClient, cnf *c
switch runtime.GOOS {
case "windows":
result, errB = utils.ExecuteWithResult("cmd.exe", path, "/C", commandPair[0])
case "linux":
case "linux", "darwin":
result, errB = utils.ExecuteWithResult("sh", path, "-c", commandPair[0])
default:
utils.Logger.Fatal("unsupported operating system: %s", runtime.GOOS)
Expand Down
4 changes: 2 additions & 2 deletions agent/collectors/collectors.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ type CollectorConfig struct {

type Collector interface {
Install() error
SendSystemLogs()
SendLogs()
Uninstall() error
}

Expand All @@ -35,7 +35,7 @@ func InstallCollectors() error {
func LogsReader() {
collectors := getCollectorsInstances()
for _, collector := range collectors {
go collector.SendSystemLogs()
go collector.SendLogs()
}
}

Expand Down
8 changes: 6 additions & 2 deletions agent/collectors/filebeat_amd64.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,20 +104,24 @@ func (f Filebeat) Install() error {
return nil
}

func (f Filebeat) SendSystemLogs() {
func (f Filebeat) SendLogs() {
logLinesChan := make(chan []string)
path := utils.GetMyPath()
filebLogPath := filepath.Join(path, "beats", "filebeat", "logs")

parser := parser.GetParser("beats")

go utils.WatchFolder("modulescollector", filebLogPath, logLinesChan, config.BatchCapacity)
for logLine := range logLinesChan {

for {
logLine := <-logLinesChan

beatsData, err := parser.ProcessData(logLine)
if err != nil {
utils.Logger.ErrorF("error processing beats data: %v", err)
continue
}

for typ, logB := range beatsData {
logservice.LogQueue <- logservice.LogPipe{
Src: typ,
Expand Down
95 changes: 95 additions & 0 deletions agent/collectors/macos_arm64.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
//go:build darwin && arm64
// +build darwin,arm64

package collectors

import (
"bufio"
"os/exec"
"path/filepath"

"github.com/threatwinds/validations"
"github.com/utmstack/UTMStack/agent/config"
"github.com/utmstack/UTMStack/agent/logservice"
"github.com/utmstack/UTMStack/agent/utils"
)

type Darwin struct{}

func (d Darwin) Install() error {
return nil
}

func getCollectorsInstances() []Collector {
var collectors []Collector
collectors = append(collectors, Darwin{})
return collectors
}

func (d Darwin) SendLogs() {
path := utils.GetMyPath()
collectorPath := filepath.Join(path, "utmstack-collector-mac")

cmd := exec.Command(collectorPath)

stdout, err := cmd.StdoutPipe()
if err != nil {
_ = utils.Logger.ErrorF("error creating stdout pipe: %v", err)
return
}

stderr, err := cmd.StderrPipe()
if err != nil {
_ = utils.Logger.ErrorF("error creating stderr pipe: %v", err)
return
}

if err := cmd.Start(); err != nil {
_ = utils.Logger.ErrorF("error starting macOS collector: %v", err)
return
}

go func() {
scanner := bufio.NewScanner(stdout)
for scanner.Scan() {
logLine := scanner.Text()

utils.Logger.LogF(100, "output: %s", logLine)

validatedLog, _, err := validations.ValidateString(logLine, false)
if err != nil {
utils.Logger.ErrorF("error validating log: %s: %v", logLine, err)
continue
}

logservice.LogQueue <- logservice.LogPipe{
Src: string(config.DataTypeMacOs),
Logs: []string{validatedLog},
}
}

if err := scanner.Err(); err != nil {
_ = utils.Logger.ErrorF("error reading stdout: %v", err)
}
}()

go func() {
scanner := bufio.NewScanner(stderr)
for scanner.Scan() {
errLine := scanner.Text()
_ = utils.Logger.ErrorF("collector error: %s", errLine)
}

if err := scanner.Err(); err != nil {
_ = utils.Logger.ErrorF("error reading stderr: %v", err)
}
}()

if err := cmd.Wait(); err != nil {
_ = utils.Logger.ErrorF("macOS collector process ended with error: %v", err)
}
}

func (d Darwin) Uninstall() error {
return nil
}
5 changes: 3 additions & 2 deletions agent/collectors/windows_amd64.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,13 +70,14 @@ func (w Windows) Install() error {
return nil
}

func (w Windows) SendSystemLogs() {
func (w Windows) SendLogs() {
logLinesChan := make(chan []string)
path := utils.GetMyPath()
winbLogPath := filepath.Join(path, "beats", "winlogbeat", "logs")

go utils.WatchFolder("windowscollector", winbLogPath, logLinesChan, config.BatchCapacity)
for logLine := range logLinesChan {
for {
logLine := <-logLinesChan
validatedLogs := []string{}
for _, log := range logLine {
validatedLog, _, err := validations.ValidateString(log, false)
Expand Down
Loading
Loading