awoooi/docs/security/wazuh-managed-host-coverage-gate.snapshot.json

{
"execution_boundaries": {
"host_write_authorized": false,
"kali_active_scan_authorized": false,
"not_authorization": true,
"raw_wazuh_payload_storage_allowed": false,
"runtime_execution_authorized": false,
"secret_value_collection_allowed": false,
"wazuh_active_response_authorized": false,
"wazuh_agent_reenroll_authorized": false,
"wazuh_agent_restart_authorized": false,
"wazuh_api_live_query_authorized": false,
"wazuh_manager_restart_authorized": false
},
"forbidden_actions": [
"wazuh_agent_reenroll",
"wazuh_agent_restart",
"wazuh_manager_restart",
"wazuh_dashboard_secret_patch",
"active_response_enable",
"host_write",
"firewall_change",
"nginx_reload",
"kali_active_scan"
],
"forbidden_completion_claims": [
"所有 Wazuh 用戶端已恢復",
"所有主機已納入 Wazuh",
"Wazuh agent registry 已驗收",
"Dashboard 可見等於 registry 已恢復",
"transport 連線等於全數納管"
],
"generated_at": "2026-06-25T11:45:31+08:00",
"host_scope_matrix": [
{
"manager_registry_accepted": false,
"next_gate": "manager_registry_cross_check",
"node_id": "managed_core_node_a",
"readback_status": "agent_active_transport_observed",
"role": "核心服務節點"
},
{
"manager_registry_accepted": false,
"next_gate": "manager_registry_cross_check",
"node_id": "managed_core_node_b",
"readback_status": "agent_active_transport_observed",
"role": "資料服務節點"
},
{
"manager_registry_accepted": false,
"next_gate": "agent_install_or_service_owner_decision",
"node_id": "managed_dev_node_a",
"readback_status": "no_agent_transport_observed",
"role": "開發工作節點"
},
{
"manager_registry_accepted": false,
"next_gate": "read_only_access_or_owner_export",
"node_id": "managed_dev_node_b",
"readback_status": "ssh_readback_blocked",
"role": "開發工作節點"
},
{
"manager_registry_accepted": false,
"next_gate": "read_only_access_or_owner_export",
"node_id": "managed_control_node_a",
"readback_status": "ssh_readback_blocked",
"role": "控制平面節點"
},
{
"manager_registry_accepted": false,
"next_gate": "read_only_access_or_owner_export",
"node_id": "managed_control_node_b",
"readback_status": "ssh_readback_blocked",
"role": "控制平面節點"
}
],
"mode": "snapshot_only_no_runtime_no_secret_collection",
"operator_interpretation": [
"目前只能確認部分節點有 agent service 與 transport；manager registry 仍沒有可驗收讀回。",
"Dashboard API、RBAC、rate-limit 或 TLS 退化會讓 UI 代理清單看起來消失,但不能用 UI 畫面單獨判定 agent 全部恢復。",
"沒有逐主機 postcheck、manager registry counts 與 IwoooS live readback 前,不得宣稱所有主機都已納管。",
"重新註冊 agent、重啟 Wazuh、修改主機或改機密都必須走獨立維護窗口與 rollback owner。"
],
"required_evidence_before_green": [
{
"accepted": false,
"evidence_id": "manager_registry_agent_counts"
},
{
"accepted": false,
"evidence_id": "per_host_agent_scope_matrix"
},
{
"accepted": false,
"evidence_id": "dashboard_api_rbac_tls_repair_readback"
},
{
"accepted": false,
"evidence_id": "readonly_credential_metadata_without_secret"
},
{
"accepted": false,
"evidence_id": "owner_response_and_rollback_owner"
},
{
"accepted": false,
"evidence_id": "post_enable_iwooos_readback"
}
],
"schema_version": "wazuh_managed_host_coverage_gate_v1",
"scope": "wazuh_managed_host_coverage",
"status": "blocked_waiting_full_host_registry_readback",
"summary": {
"active_response_authorized_count": 0,
"agent_reenroll_authorized_count": 0,
"agent_restart_authorized_count": 0,
"dashboard_api_degraded_observed_count": 1,
"direct_agent_active_observed_count": 2,
"direct_agent_missing_or_no_transport_count": 1,
"direct_agent_transport_observed_count": 2,
"expected_host_scope_count": 6,
"host_write_authorized_count": 0,
"live_metadata_env_enabled_count": 0,
"manager_api_unauthenticated_response_count": 1,
"manager_registry_accepted_count": 0,
"manager_service_active_observed_count": 1,
"manager_transport_established_connection_count": 6,
"runtime_gate_count": 0,
"ssh_readback_blocked_count": 3
}
}