Bugfix/10.8.0/macos (#1168)

* feat: Improve installer to add RHELD support

* fix: Update windows ARM collector

* wip

* feat: Add SELinux configuration for RedHat systems

* fix interface agent problem

* add bad gateway page

* complete macos agent

* feat(module-integration): add SOC AI model selection field

* feat(module-integration): add SOC AI model selection field

* feat(module-integration): add SOC AI model selection field

* feat(module-integration): update MacOS guide

---------

Co-authored-by: Yadian Llada Lopez <[email protected]>
Co-authored-by: Osmany Montero <[email protected]>
Co-authored-by: Manuel Abascal <[email protected]>

Author: 4 people

agent/agent/incident_response.go

@@ -119,7 +119,7 @@ func commandProcessor(path string, stream AgentService_AgentStreamClient, cnf *c
 	switch runtime.GOOS {
 	case "windows":
 		result, errB = utils.ExecuteWithResult("cmd.exe", path, "/C", commandPair[0])
-	case "linux":
+	case "linux", "darwin":
 		result, errB = utils.ExecuteWithResult("sh", path, "-c", commandPair[0])
 	default:
 		utils.Logger.Fatal("unsupported operating system: %s", runtime.GOOS)

agent/collectors/collectors.go

@@ -13,7 +13,7 @@ type CollectorConfig struct {
 
 type Collector interface {
 	Install() error
-	SendSystemLogs()
+	SendLogs()
 	Uninstall() error
 }
 
@@ -35,7 +35,7 @@ func InstallCollectors() error {
 func LogsReader() {
 	collectors := getCollectorsInstances()
 	for _, collector := range collectors {
-		go collector.SendSystemLogs()
+		go collector.SendLogs()
 	}
 }
 

agent/collectors/filebeat_amd64.go

@@ -104,20 +104,24 @@ func (f Filebeat) Install() error {
 	return nil
 }
 
-func (f Filebeat) SendSystemLogs() {
+func (f Filebeat) SendLogs() {
 	logLinesChan := make(chan []string)
 	path := utils.GetMyPath()
 	filebLogPath := filepath.Join(path, "beats", "filebeat", "logs")
 
 	parser := parser.GetParser("beats")
 
 	go utils.WatchFolder("modulescollector", filebLogPath, logLinesChan, config.BatchCapacity)
-	for logLine := range logLinesChan {
+
+	for {
+		logLine := <-logLinesChan
+
 		beatsData, err := parser.ProcessData(logLine)
 		if err != nil {
 			utils.Logger.ErrorF("error processing beats data: %v", err)
 			continue
 		}
+
 		for typ, logB := range beatsData {
 			logservice.LogQueue <- logservice.LogPipe{
 				Src:  typ,

agent/collectors/macos_arm64.go

@@ -0,0 +1,95 @@
+//go:build darwin && arm64
+// +build darwin,arm64
+
+package collectors
+
+import (
+	"bufio"
+	"os/exec"
+	"path/filepath"
+
+	"github.com/threatwinds/validations"
+	"github.com/utmstack/UTMStack/agent/config"
+	"github.com/utmstack/UTMStack/agent/logservice"
+	"github.com/utmstack/UTMStack/agent/utils"
+)
+
+type Darwin struct{}
+
+func (d Darwin) Install() error {
+	return nil
+}
+
+func getCollectorsInstances() []Collector {
+	var collectors []Collector
+	collectors = append(collectors, Darwin{})
+	return collectors
+}
+
+func (d Darwin) SendLogs() {
+	path := utils.GetMyPath()
+	collectorPath := filepath.Join(path, "utmstack-collector-mac")
+
+	cmd := exec.Command(collectorPath)
+
+	stdout, err := cmd.StdoutPipe()
+	if err != nil {
+		_ = utils.Logger.ErrorF("error creating stdout pipe: %v", err)
+		return
+	}
+
+	stderr, err := cmd.StderrPipe()
+	if err != nil {
+		_ = utils.Logger.ErrorF("error creating stderr pipe: %v", err)
+		return
+	}
+
+	if err := cmd.Start(); err != nil {
+		_ = utils.Logger.ErrorF("error starting macOS collector: %v", err)
+		return
+	}
+
+	go func() {
+		scanner := bufio.NewScanner(stdout)
+		for scanner.Scan() {
+			logLine := scanner.Text()
+
+			utils.Logger.LogF(100, "output: %s", logLine)
+
+			validatedLog, _, err := validations.ValidateString(logLine, false)
+			if err != nil {
+				utils.Logger.ErrorF("error validating log: %s: %v", logLine, err)
+				continue
+			}
+
+			logservice.LogQueue <- logservice.LogPipe{
+				Src:  string(config.DataTypeMacOs),
+				Logs: []string{validatedLog},
+			}
+		}
+
+		if err := scanner.Err(); err != nil {
+			_ = utils.Logger.ErrorF("error reading stdout: %v", err)
+		}
+	}()
+
+	go func() {
+		scanner := bufio.NewScanner(stderr)
+		for scanner.Scan() {
+			errLine := scanner.Text()
+			_ = utils.Logger.ErrorF("collector error: %s", errLine)
+		}
+
+		if err := scanner.Err(); err != nil {
+			_ = utils.Logger.ErrorF("error reading stderr: %v", err)
+		}
+	}()
+
+	if err := cmd.Wait(); err != nil {
+		_ = utils.Logger.ErrorF("macOS collector process ended with error: %v", err)
+	}
+}
+
+func (d Darwin) Uninstall() error {
+	return nil
+}

agent/collectors/windows_amd64.go

@@ -70,13 +70,14 @@ func (w Windows) Install() error {
 	return nil
 }
 
-func (w Windows) SendSystemLogs() {
+func (w Windows) SendLogs() {
 	logLinesChan := make(chan []string)
 	path := utils.GetMyPath()
 	winbLogPath := filepath.Join(path, "beats", "winlogbeat", "logs")
 
 	go utils.WatchFolder("windowscollector", winbLogPath, logLinesChan, config.BatchCapacity)
-	for logLine := range logLinesChan {
+	for {
+		logLine := <-logLinesChan
 		validatedLogs := []string{}
 		for _, log := range logLine {
 			validatedLog, _, err := validations.ValidateString(log, false)