Release/v11.2.0 (#1567)

* feat: add sql query hints to code editor

* feat: add SQL query suggestions to code editor

* feat(application-event): enhance logging and update index for application events

* update windows-events filter

* feat(plugins): add new CrowdStrike plugin to collect and process security events from CrowdStrike Falcon platform

* feat: add sql query hints to code editor

* feat: add SQL query suggestions to code editor

* feat: enhance SQL query suggestions in code editor with limits and aggregation examples

* feat: enhance SQL query suggestions in code editor with limits and aggregation examples

* feat(crowdstrike): add integration procedures and configuration for CrowdStrike module

* feat(crowdstrike): add integration procedures and configuration for CrowdStrike module

* feat(crowdstrike): implement CrowdStrike integration guide and update logs display

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* add the CrowdStrike plugin build and push it into the event processor image

* fix: Incorrect cursor behavior in SQL Query Editor

* fix: Incorrect cursor behavior in SQL Query Editor

* fix: Incorrect cursor behavior in SQL Query Editor

* fix(crowdstrike): standardize configuration keys for CrowdStrike module

* feat(crowdstrike): implement CrowdStrike integration guide and update logs display

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix(crowdStrike): fixed configuration parameter names to maintain compatibility.

* fix(crowdStrike): fixed informational message to follow standard catcher

* fix(crowdstrike): standardize configuration keys for CrowdStrike module

* feat(crowdstrike): update CrowdStrike integration filter and normalize log fields

* fix(app-logs): update log detail terminology for clarity

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(audit): enhance audit messages with enriched context and implement AuditableDTO

* fix(UtmDataInputStatusService): optimize data synchronization and improve error handling

* refactor: remove unused agent self

* feat(agent): implement UTMStack Updater service

* feat(agent): implement updater service installation and update process

* feat(modulesConfig): enhance AWS config validation to include log group checks

* feat(aws): enhance AWS CloudWatch Logs streaming with dynamic configuration handling and context management

* feat(pipeline): update build process to include updater service

* Revert "feat(pipeline): update build process to include updater service"

This reverts commit e9e395d.

* feat(pipeline): update build process to include updater service

* feat(data-input): add checkpoint table and repository for data input status management

* fix(UtmAlertServiceImpl): filter alerts to process only non parent alerts for notifications

* fix(config): add .exe extension to updater service filenames for Windows builds

* fix(aws): correct component naming and update routing in email settings

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* chore(CHANGELOG): update release notes for UTMStack v11.2.0

* chore(CHANGELOG): update release notes for UTMStack v11.2.0

* fix(sql-validation): format code for improved readability in balancedQuotes function

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix(app-logs): remove console log for cleaner output on successful log load

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* Update the log information agent/updater/service/install.go

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
Co-authored-by: Elena Lopez Milan <elopez@utmstack.com>
Co-authored-by: JocLRojas <joc.l.rojas02@gmail.com>
Co-authored-by: Yadian Llada Lopez <yadian.llada@gmail.com>
Co-authored-by: Jose L Quiñones Rojas <73146718+JocLRojas@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Author: 5 people

.github/workflows/v11-deployment-pipeline.yml

@@ -95,36 +95,49 @@ jobs:
       - name: Check out code into the right branch
         uses: actions/checkout@v4
 
-      - name: Build Linux Agent
+      - name: Build Linux Binaries
         env:
           GOOS: linux
           GOARCH: amd64
         run: |
           cd ${{ github.workspace }}/agent
           go build -o utmstack_agent_service -v -ldflags "-X 'github.com/utmstack/UTMStack/agent/config.REPLACE_KEY=${{ secrets.AGENT_SECRET_PREFIX }}'" .
 
-      - name: Build Windows Agent (amd64)
+          cd ${{ github.workspace }}/agent/updater
+          go build -o utmstack_updater_service .
+
+      - name: Build Windows Binaries (amd64)
         env:
           GOOS: windows
           GOARCH: amd64
         run: |
           cd ${{ github.workspace }}/agent
           go build -o utmstack_agent_service.exe -v -ldflags "-X 'github.com/utmstack/UTMStack/agent/config.REPLACE_KEY=${{ secrets.AGENT_SECRET_PREFIX }}'" .
 
-      - name: Build Windows Agent (arm64)
+          cd ${{ github.workspace }}/agent/updater
+          go build -o utmstack_updater_service.exe .
+
+      - name: Build Windows Binaries (arm64)
         env:
           GOOS: windows
           GOARCH: arm64
         run: |
           cd ${{ github.workspace }}/agent
           go build -o utmstack_agent_service_arm64.exe -v -ldflags "-X 'github.com/utmstack/UTMStack/agent/config.REPLACE_KEY=${{ secrets.AGENT_SECRET_PREFIX }}'" .
 
+          cd ${{ github.workspace }}/agent/updater
+          go build -o utmstack_updater_service_arm64.exe .
+
       - name: Sign Windows Agents
         run: |
           cd ${{ github.workspace }}/agent
           signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ vars.SIGN_CERT }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ secrets.SIGN_KEY }}}}]=${{ secrets.SIGN_CONTAINER }}" "utmstack_agent_service.exe"
           signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ vars.SIGN_CERT }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ secrets.SIGN_KEY }}}}]=${{ secrets.SIGN_CONTAINER }}" "utmstack_agent_service_arm64.exe"
 
+          cd ${{ github.workspace }}/agent/updater
+          signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ vars.SIGN_CERT }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ secrets.SIGN_KEY }}}}]=${{ secrets.SIGN_CONTAINER }}" "utmstack_updater_service.exe"
+          signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ vars.SIGN_CERT }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ secrets.SIGN_KEY }}}}]=${{ secrets.SIGN_CONTAINER }}" "utmstack_updater_service_arm64.exe"
+
       - name: Upload signed binaries as artifacts
         uses: actions/upload-artifact@v4
         with:
@@ -133,6 +146,9 @@ jobs:
             ${{ github.workspace }}/agent/utmstack_agent_service
             ${{ github.workspace }}/agent/utmstack_agent_service.exe
             ${{ github.workspace }}/agent/utmstack_agent_service_arm64.exe
+            ${{ github.workspace }}/agent/updater/utmstack_updater_service
+            ${{ github.workspace }}/agent/updater/utmstack_updater_service.exe
+            ${{ github.workspace }}/agent/updater/utmstack_updater_service_arm64.exe
           retention-days: 1
 
   build_utmstack_collector:
@@ -198,6 +214,9 @@ jobs:
           cp "${{ github.workspace }}/agent/utmstack_agent_service" ./dependencies/agent/
           cp "${{ github.workspace }}/agent/utmstack_agent_service.exe" ./dependencies/agent/
           cp "${{ github.workspace }}/agent/utmstack_agent_service_arm64.exe" ./dependencies/agent/
+          cp "${{ github.workspace }}/agent/updater/utmstack_updater_service" ./dependencies/agent/
+          cp "${{ github.workspace }}/agent/updater/utmstack_updater_service.exe" ./dependencies/agent/
+          cp "${{ github.workspace }}/agent/updater/utmstack_updater_service_arm64.exe" ./dependencies/agent/
           cp "${{ github.workspace }}/agent/version.json" ./dependencies/agent/
       
       - name: Login to GitHub Container Registry
@@ -241,6 +260,7 @@ jobs:
           cd ${{ github.workspace }}/plugins/stats; go build -o com.utmstack.stats.plugin -v .
           cd ${{ github.workspace }}/plugins/soc-ai; go build -o com.utmstack.soc-ai.plugin -v .
           cd ${{ github.workspace }}/plugins/modules-config; go build -o com.utmstack.modules-config.plugin -v .
+          cd ${{ github.workspace }}/plugins/crowdStrike; go build -o com.utmstack.crowdstrike.plugin -v .
 
       - name: Prepare Dependencies for Event Processor Image
         run: |

CHANGELOG.md

@@ -1,7 +1,7 @@
-# UTMStack 11.1.8 – Release Notes
+# UTMStack 11.2.0 – Release Notes
 
-The **UTMStack v11.1.8** update delivers important fixes and usability improvements to enhance stability and user experience.
+The **UTMStack v11.2.0** release introduces key enhancements, new integrations, and important fixes to improve system stability, performance, and user experience.
 
 ## Improvements & Fixes
-- Improved AWS integration: updated setup guides and more reliable log processing.
-
+- Enhanced AWS integration with updated setup guides and improved log processing reliability.
+- Added CrowdStrike Falcon integration for advanced threat detection and response.

agent/config/const.go

@@ -13,6 +13,10 @@ type ProtoPort struct {
 	TCP string
 }
 
+const (
+	SERVICE_UPDATER_NAME = "UTMStackUpdater"
+)
+
 var (
 	REPLACE_KEY string
 

agent/config/linux_amd64.go

@@ -4,7 +4,7 @@
 package config
 
 var (
-	UpdaterSelf = "utmstack_updater_self%s"
 	ServiceFile = "utmstack_agent_service%s"
+	UpdaterFile = "utmstack_updater_service%s"
 	DependFiles = []string{"utmstack_agent_dependencies_linux.zip"}
 )

agent/config/linux_arm64.go

@@ -4,7 +4,7 @@
 package config
 
 var (
-	UpdaterSelf = "utmstack_updater_self_arm64%s"
 	ServiceFile = "utmstack_agent_service_arm64%s"
+	UpdaterFile = "utmstack_updater_service%s"
 	DependFiles = []string{"utmstack_agent_dependencies_linux_arm64.zip"}
 )

agent/config/macos.go

@@ -4,7 +4,7 @@
 package config
 
 var (
-	UpdaterSelf = "utmstack_updater_self%s"
 	ServiceFile = "utmstack_agent_service%s"
+	UpdaterFile = "utmstack_updater_service%s"
 	DependFiles = []string{}
 )

agent/config/windows_amd64.go

@@ -4,7 +4,7 @@
 package config
 
 var (
-	UpdaterSelf = "utmstack_updater_self%s.exe"
 	ServiceFile = "utmstack_agent_service%s.exe"
+	UpdaterFile = "utmstack_updater_service%s.exe"
 	DependFiles = []string{"utmstack_agent_dependencies_windows.zip"}
 )

agent/config/windows_arm64.go

@@ -4,7 +4,7 @@
 package config
 
 var (
-	UpdaterSelf = "utmstack_updater_self_arm64%s.exe"
 	ServiceFile = "utmstack_agent_service_arm64%s.exe"
+	UpdaterFile = "utmstack_updater_service%s.exe"
 	DependFiles = []string{"utmstack_agent_dependencies_windows_arm64.zip"}
 )

agent/models/version.go

@@ -1,5 +1,6 @@
 package models
 
 type Version struct {
-	Version string `json:"version"`
+	Version        string `json:"version"`
+	UpdaterVersion string `json:"updater_version"`
 }