wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 3 Packages Projects Releases Wiki Activity
Files
1ca806fd5d287c143f09c8d6c82d3a228cc0ef2a
awoooi/docs/security/wazuh-managed-host-coverage-gate.snapshot.json

133 lines
4.6 KiB
JSON
Raw Blame History

{
"execution_boundaries": {
"host_write_authorized": false,
"kali_active_scan_authorized": false,
"not_authorization": true,
"raw_wazuh_payload_storage_allowed": false,
"runtime_execution_authorized": false,
"secret_value_collection_allowed": false,
"wazuh_active_response_authorized": false,
"wazuh_agent_reenroll_authorized": false,
"wazuh_agent_restart_authorized": false,
"wazuh_api_live_query_authorized": false,
"wazuh_manager_restart_authorized": false
},
"forbidden_actions": [
"wazuh_agent_reenroll",
"wazuh_agent_restart",
"wazuh_manager_restart",
"wazuh_dashboard_secret_patch",
"active_response_enable",
"host_write",
"firewall_change",
"nginx_reload",
"kali_active_scan"
],
"forbidden_completion_claims": [
"所有 Wazuh 用戶端已恢復",
"所有主機已納入 Wazuh",
"Wazuh agent registry 已驗收等於 runtime 已授權",
"Dashboard 可見等於 registry 已恢復",
"transport 連線等於全數納管"
],
"generated_at": "2026-06-25T11:45:31+08:00",
"host_scope_matrix": [
{
"manager_registry_accepted": true,
"next_gate": "runtime_gate_owner_review",
"node_id": "managed_core_node_a",
"readback_status": "agent_active_transport_observed",
"role": "核心服務節點"
},
{
"manager_registry_accepted": true,
"next_gate": "runtime_gate_owner_review",
"node_id": "managed_core_node_b",
"readback_status": "agent_active_transport_observed",
"role": "資料服務節點"
},
{
"manager_registry_accepted": true,
"next_gate": "runtime_gate_owner_review",
"node_id": "managed_dev_node_a",
"readback_status": "no_agent_transport_observed",
"role": "開發工作節點"
},
{
"manager_registry_accepted": true,
"next_gate": "runtime_gate_owner_review",
"node_id": "managed_dev_node_b",
"readback_status": "ssh_readback_blocked",
"role": "開發工作節點"
},
{
"manager_registry_accepted": true,
"next_gate": "runtime_gate_owner_review",
"node_id": "managed_control_node_a",
"readback_status": "ssh_readback_blocked",
"role": "控制平面節點"
},
{
"manager_registry_accepted": true,
"next_gate": "runtime_gate_owner_review",
"node_id": "managed_control_node_b",
"readback_status": "ssh_readback_blocked",
"role": "控制平面節點"
}
],
"mode": "committed_manager_registry_readback_no_runtime_no_secret_collection",
"operator_interpretation": [
"manager registry accepted readback 已用 6 個公開節點別名提交;此讀回只代表脫敏 evidence 覆蓋,不代表 runtime 授權。",
"Dashboard API、RBAC、rate-limit 或 TLS 退化會讓 UI 代理清單看起來消失,但不能用 UI 畫面單獨判定 agent 全部恢復。",
"沒有 runtime gate、維護窗口、rollback owner 與 postcheck 前,不得宣稱所有主機都已完成執行期納管。",
"重新註冊 agent、重啟 Wazuh、修改主機或改機密都必須走獨立維護窗口與 rollback owner。"
],
"required_evidence_before_green": [
{
"accepted": true,
"evidence_id": "manager_registry_agent_counts"
},
{
"accepted": true,
"evidence_id": "per_host_agent_scope_matrix"
},
{
"accepted": true,
"evidence_id": "dashboard_api_rbac_tls_repair_readback"
},
{
"accepted": true,
"evidence_id": "readonly_credential_metadata_without_secret"
},
{
"accepted": true,
"evidence_id": "owner_response_and_rollback_owner"
},
{
"accepted": true,
"evidence_id": "post_enable_iwooos_readback"
}
],
"schema_version": "wazuh_managed_host_coverage_gate_v1",
"scope": "wazuh_managed_host_coverage",
"status": "manager_registry_readback_accepted_runtime_gate_closed",
"summary": {
"active_response_authorized_count": 0,
"agent_reenroll_authorized_count": 0,
"agent_restart_authorized_count": 0,
"dashboard_api_degraded_observed_count": 1,
"direct_agent_active_observed_count": 2,
"direct_agent_missing_or_no_transport_count": 1,
"direct_agent_transport_observed_count": 2,
"expected_host_scope_count": 6,
"host_write_authorized_count": 0,
"live_metadata_env_enabled_count": 0,
"manager_api_unauthenticated_response_count": 1,
"manager_registry_accepted_count": 6,
"manager_service_active_observed_count": 1,
"manager_transport_established_connection_count": 6,
"runtime_gate_count": 0,
"ssh_readback_blocked_count": 3
}
}
Reference in New Issue View Git Blame Copy Permalink