Neuro #16
Open. starterclic wants to merge 33 commits into gbrigandi:main from starterclic:claude/complete-prp-prd-app-01KQSUBgekq4WJRw5GhoC1MA
- Replaced custom MCP implementation with rmcp framework
- Simplified architecture to use stdio transport only
- Implemented WazuhToolsServer with #[tool(tool_box)] attribute
- Added get_wazuh_alert_summary tool with proper parameter schema
- Removed HTTP transport and axum dependencies
- Updated README with new installation and usage instructions
- Maintained compatibility with existing Wazuh Indexer client
- Simplified error handling by removing axum-specific code

- Aligned initialize response with actual rmcp server output
- Updated tools/list response to match real JSON schema format
- Corrected tool name from 'wazuhAlerts' to 'get_wazuh_alert_summary'
- Added proper MCP content format with text type responses
- Included error response examples for connection failures
- Updated tool call examples with correct parameter structure
- Removed outdated outputSchema references (not used in rmcp)
- Added proper JSON schema format with draft-07 specification

* Implemented unit and e2e testing
* Other fixes and enhancements

- Replace custom WazuhIndexerClient with wazuh-client crate
- Remove ~150 lines of duplicate code from src/wazuh/ directory
- Add get_wazuh_rules_summary tool with filtering by level/group/filename
- Implement factory pattern for consistent client creation
- Add support for separate WAZUH_API_PORT and WAZUH_INDEXER_PORT
- Maintain backward compatibility with existing environment variables
- Enable access to comprehensive Wazuh API clients (agents, rules, config, etc.)
- Add compliance framework mappings (GDPR, HIPAA, PCI DSS, NIST 800-53)
- All tests passing (19/19) with clean compilation

…security operations

Major enhancements:
- Added Docker image building and publishing to GitHub Container Registry with multi-platform support (linux/amd64, linux/arm64)
- Expanded from basic alert retrieval to comprehensive security operations with 14 MCP tools covering:
  * Vulnerability management (agent vulnerability summaries, critical vulnerabilities)
  * Agent monitoring (running agents, processes, network ports)
  * System statistics (weekly stats, remoted stats, log collector stats)
  * Log analysis (manager logs, error logs with search capabilities)
  * Cluster management (health checks, node listing)
- Updated environment configuration to support both Wazuh Manager API and Wazuh Indexer with proper SSL handling
- Enhanced documentation with detailed use cases, Docker deployment options, and comprehensive tool descriptions
- Upgraded wazuh-client dependency to v0.1.1 for expanded API capabilities
- Added agent ID formatting and validation for consistent three-digit zero-padded identifiers

This transforms the server from a simple alert fetcher into a full-featured security operations platform for AI-assisted Wazuh management.

…ction and parametrization.
module leaving the main MCP server entrypoint as just a dispatcher of the former.

This commit introduces a major refactoring of the tool implementation by splitting the tools into separate modules based on their domain (agents, alerts, rules, stats, vulnerabilities). This improves modularity and maintainability.

Key changes:
- Upgraded wazuh-client to version 0.1.7 to leverage the new builder pattern for client instantiation.
- Refactored the main WazuhToolsServer to delegate tool calls to the new domain-specific tool modules.
- Created a tools module with submodules for each domain, each containing the relevant tool implementations and parameter structs.
- Updated the default limit for most tools from 100 to 300, while the vulnerability summary limit is set to 10,000 to ensure comprehensive scans.
- Removed a problematic manual test from the test script that was causing it to hang.

🎯 Complete MDR application with a perfect admin and user experience

## Backend API (Node.js/TypeScript)
- ✅ Professional architecture with separation of responsibilities
- ✅ Secure JWT authentication with bcrypt
- ✅ MCP Client service for communication with the Rust server
- ✅ Google Gemini LLM integration:
  * J.A.R.V.I.S. Admin Chat (expert tone)
  * Concierge Client Chat (reassuring tone)
  * Automatic translation of alerts
- ✅ Production security: Helmet, CORS, rate limiting, validation
- ✅ Complete endpoints: auth, admin, client, portal

## Frontend (Next.js 14 + React)
- ✅ Dark Mode/Electric Cyan design (PRD spec)
- ✅ "Zero Jargon" Client Dashboard:
  * Animated visual shield with status
  * Simplified metrics (systems, compliance)
  * Logbook with translated alerts
  * Integrated AI Concierge chat
- ✅ J.A.R.V.I.S. Admin interface:
  * Natural-language commands
  * Expert AI chat
  * Real-time metrics
- ✅ Reusable components: Shield, MetricCard, AlertFeed, ChatInterface
- ✅ Framer Motion animations for premium UX

## Infrastructure & DevOps
- ✅ Complete Docker Compose with health checks
- ✅ Optimized multi-stage Dockerfiles
- ✅ quick-start.sh script for automated installation
- ✅ Complete documentation:
  * README_APP.md (overview)
  * DEPLOYMENT.md (production guide)
  * IMPLEMENTATION_SUMMARY.md (technical details)

## Security
- ✅ JWT with role-based access control
- ✅ Differentiated rate limiting (auth vs API)
- ✅ Input sanitization and validation
- ✅ Complete logging with Winston
- ✅ Graceful shutdown

## PRD compliance
- ✅ [REQ-P2-04] J.A.R.V.I.S. Admin endpoint
- ✅ [REQ-P2-05] Concierge Client endpoint
- ✅ [REQ-P2-06] Portal Summary endpoint
- ✅ [REQ-P3-01] Next.js Dark Mode/Cyan application
- ✅ [REQ-P3-02] Authentication system
- ✅ [REQ-P3-03] Complete Client Dashboard
- ✅ [REQ-P3-04] Chatbot interface
- ✅ [REQ-P3-05] Secured Admin section

Production-ready application, secure and built to best practice 🛡️

Owner

Could you please elaborate on this PR? It seems like some sort of frontend. What is the relationship with the Wazuh MCP server?
No description provided.