Release/v11.1.1 (#1509)

* feat: update placement attribute to support multiple positions in alert action select component

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: condition builder visibility based on fields availability

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add system owner field to alert response rules and update related logic

* feat: add systemOwner filter to playbooks component

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add system owner field to alert response rules and update related logic

* feat: enhance playbook component with improved layout and functionality

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance playbook component with improved layout and functionality

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance playbook component with improved layout and functionality

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add system owner field to alert response rules and update related logic

* feat: enhance playbook component with improved layout and functionality

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: update agent handling strategy description for clarity and context

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: update agent handling strategy description for clarity and context

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: change PostgreSQL logger level from WARN to ERROR

* feat: update log handling and display logic for improved clarity and consistency

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: update log filter selection to improve user experience

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: handle potential null value in audits length check

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: update filterBySelect method to accept a generic field type

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: update workflows and send to new cm in gcp

* feat: include script to compile installer

* fix: resolve workflow errors and improve cross-platform compatibility

* fix problem with agent SIGN KEY

* feat: implement service to automatically assign asset groups to alerts

* feat: add asset group fields to alert constants and configuration

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(agent/syslog): add RFC 5424 octet counting framing support and improve message handling

* fix: always update pending versions

* improve v11 changelog

* feat: enhance playbook UI and loading behavior, add new alert fields

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(oauth2): implement corporate authentication with OAuth2 support

* feat(identity-provider): add OAuth2/OpenID Connect provider management

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(identity-provider): add OAuth2/OpenID Connect provider management

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: implement service to automatically assign asset groups to alerts

* feat(identity-provider): add OAuth2/OpenID Connect provider management

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(oauth2): enhance corporate authentication with additional fields and event handling

* feat: add CrowdStrike plugin core implementation

* feat: add gRPC configuration management for CrowdStrike

* feat(oauth2): enhance corporate authentication with additional fields and event handling

* feat(oauth2): enhance corporate authentication with additional fields and event handling

* feat(identity-provider): add OAuth2/OpenID Connect provider management

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(oauth2): enhance corporate authentication with additional fields and event handling

* feat(identity-provider): add OAuth2/OpenID Connect provider management

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor: update version info handling and clean up community module display

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* Update frontend/src/app/shared/components/auth/login/login.component.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update frontend/src/app/shared/components/auth/login-providers/login-providers.component.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update backend/src/main/java/com/park/utmstack/config/SecurityConfiguration.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update backend/src/main/java/com/park/utmstack/service/idp_provider/IdentityProviderService.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update frontend/src/app/app-management/identity-provider/shared/components/provider-form/provider-form.component.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* feat(oauth2): enhance corporate authentication with additional fields and event handling

* refactor: simplify request structure and improve provider toggle logic

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(oauth2): implement enterprise version handling for identity providers

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add adversary view menu and associated authorities to database

* feat: add adversary management module with routing and view components

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor: remove deprecated standalone plugin architecture

* feat: add adversary management module with routing and view components

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: implement adversary alerts management with new DTOs and service

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: implement adversary alerts graph and service for data retrieval

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance timezone handling by dynamically generating timezone list

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance timezone handling by dynamically generating timezone list

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add adversary management module with routing and view components

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add adversary management module with routing and view components

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add adversary view menu and associated authorities to database

* feat: implement adversary alerts graph and service for data retrieval

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: implement adversary alerts management with new DTOs and service

* feat: enhance adversary alerts graph layout and styling for improved visualization

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance adversary alerts graph layout and styling for improved visualization

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix[bitdefender-plugin]: make StartServer blocking and remove retry loop

* update macos guide

* feat: enhance adversary alerts graph layout and styling for improved visualization

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance adversary alerts graph layout and styling for improved visualization

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: implement adversary alerts management with new DTOs and service

* fix: adjust TFA expiration time to use configurable constant

* feat: conditionally render module card based on module name

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add application version info retrieval functionality

* feat: add application version info retrieval functionality

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: compliance report view component

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: add SQL query support to LogExplorer via OpenSearch

* feat(saml): implement SAML authentication support with identity provider configuration

* feat(saml): implement SAML authentication support with identity provider configuration

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add application version info retrieval functionality

* fix: remove conditional rendering for AS_400 module and filter out in module retrieval

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(saml): enhance SAML authentication success handler to include role-based authorities

* feat(o365-plugin): add multi-cloud environment support for Microsoft Cloud (Commercial, GCC, GCC High, DoD)

* feat: add exception handling for MethodArgumentNotValidException and update UtmModuleConfigValidator logic

* fix(o365-plugin): Remove invalid field check and add multi-cloud support

- Implement cloud-aware connection checking per authority
- Use correct endpoints and scopes for each cloud environment

* feat: add SQL query support to LogExplorer via OpenSearch

* feat(o365-plugin): add Office 365 cloud environment configuration options

* Update backend/src/main/resources/config/liquibase/changelog/20251125001_add_environment_o365_integration.xml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update backend/src/main/java/com/park/utmstack/domain/application_modules/factory/impl/ModuleO365.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update backend/src/main/java/com/park/utmstack/domain/application_modules/UtmModuleGroupConfiguration.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: add SQL query support to LogExplorer via OpenSearch

* fix: update file permissions from 777 to 755 for security improvements

* feat(azure plugin): enhance Azure cloud detection and connection validation

* feat(o365_validation-modules-config): add Management API validation and multi-cloud endpoint support

* feat(header): integrate version info display and update logic

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor: rename UtmStackConnectionService to ModuleConfigurationValidationService and enhance validation logic

* feat(exception-handling): add ApiException class and global exception handler

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: add SQL query support to LogExplorer via OpenSearch

* feat(int-generic-group-config): improve searchable option based on config options length

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(int-generic-group-config): improve searchable option based on config options length

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix(modules-config): disable CROWDSTRIKE module not implemented in backend.

* refactor(plugins): standardize logging with catcher

* feat(saml): update identity provider configuration to include metadata URL and remove deprecated fields

* style(dashboard): adjust padding and layout for improved UI consistency

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: optimize cloud detection logic in connection string parsing

* feat(elastic-filter-time): enhance time filter functionality and update UI interactions

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(azure): extract individual records from Azure Event Hub logs

Parse Azure logs with 'records' array structure and send each record
as a separate log entry for better indexing and security analysis.
Maintains backward compatibility for logs without records array.

* fix(modules-config): remove gin default logger middleware to eliminate non-standardized HTTP logs while maintaining catcher logging standard and panic protection.

* refactor(azure-filter): deleted 'Expand log.records' data to improve parsing

* refactor(gcp-filter): deleted 'Expand jsonPayload.structuredRdata' data to improve parsing

* update the version of the Azure and GCP filters

* feat(saml): update identity provider configuration to include metadata URL and remove deprecated fields

* feat(provider): add SAML 2.0 support with metadata URL and service provider configuration

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(saml): enhance identity provider creation with multipart form data and encryption for private key

* feat(provider): add SAML 2.0 support with metadata URL and service provider configuration

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix(totp): prevent potential error by checking subscription before unsubscribe

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* style(totp): comment out unused email resend container for cleaner code

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* style(utm-code-view): add word-break class to code element for better text handling

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(filters): add Azure and GCP filters with updated field mappings and severity handling

* refactor(ModuleSocAi): remove unused getName method for cleaner code

* fix(deployment-pipeline): update tag pattern for v10 to support semantic versioning

* chore(changelog): update release notes for UTMStack v11.0.3 with fixed issues and performance improvements

* chore(changelog): update release notes for UTMStack v11.0.3 with fixed issues and performance improvements

* feat(authentication): add SAML and OIDC support with validation for private keys and certificates

* chore(master.xml): remove outdated environment integration and filter update changelogs

* feat(identity-provider): enhance provider management with file uploads and validation

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(authentication): enhance SAML and OIDC support with file validation and metadata URL checks

* feat(identity-provider): enhance provider management with file uploads and validation

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(identity-provider): enhance provider management with file uploads and validation

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* Refactor adversary alerts graph component and update no data display

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* Remove redundant getName() method override in ModuleSocAi

* Update frontend/src/app/data-management/alert-management/shared/components/filters/alert-generic-filter/alert-generic-filter.component.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: add SQL query support to LogExplorer via OpenSearch

* feat: enhance LogExplorer with SQL query support and custom keyword suggestions

* Update backend/src/main/java/com/park/utmstack/service/dto/elastic/SqlSearchDto.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* feat: enhance identity provider management with role requirements and UI improvements

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: update login components for improved styling and provider text

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add loading screen with spinner and enhance app initialization

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(agents): update agent guide with Kali Linux tab and enhance installation command structure

* feat: add SAML OIDC corporate authentication configuration fields

* feat: add SAML OIDC corporate authentication support with SP entity ID and ACS URL

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(api-keys): implement API key management with creation, retrieval, update, and deletion functionalities

* feat: integrate app version management and enterprise feature directive

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance SAML2 login handlers with role validation and logging

* feat: enhance SAML2 login handlers with role validation and logging

* feat: enhance SAML2 login handlers with role validation and logging

* feat: integrate app version management and enterprise feature directive

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: update API route for version checking to check-for-updates

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: remove client secret display from provider details

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: update application version file path and improve pagination offset calculation

* fix: update application version file path and improve pagination offset calculation

* fix: update opensearch-connector version to 1.0.4

* feat: enhance enterprise module directive to support dynamic menu names and icons

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: streamline loading state management in playbook service and clean up filter parameters in playbooks component

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: update UtmModuleRepository and UtmModuleService to use Optional for findByServerIdAndModuleName method

* feat: add detail view for alerts in echoes component and improve alert display

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: improve error handling in CleanCountedLogs to create default data retention file if retrieval fails

* feat: enhance adversary alerts graph with dynamic graphic elements and improved chart container styling

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* Update frontend/src/app/data-management/alert-management/shared/components/alert-echoes/alert-echoes.component.html

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update frontend/src/app/data-management/alert-management/shared/components/alert-echoes/alert-echoes.component.html

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* feat: enhance detail view for alerts in echoes component and improve data handling

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance adversary alerts graph with dynamic graphic elements and improved chart container styling

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance adversary alerts graph with dynamic graphic elements and improved chart container styling

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor: reorganize imports in adversary alerts graph component for improved readability

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor: reorganize imports in adversary alerts graph component for improved readability

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* chore: update changelog for UTMStack v11.1.1 release, add fixes and features

* fix: handle version info loading error gracefully

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: refactor module update process to use ModuleDTO and enhance decryption handling

* feat: enhance adversary alerts graph with improved event handling and child alert metadata

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add SAML2 login endpoint to front-end configuration

---------

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
Co-authored-by: Yorjander Hernandez Vergara <yorjaKbayero@gmail.com>
Co-authored-by: JocLRojas <joc.l.rojas02@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Elena Lopez Milan <elopez@utmstack.com>
Co-authored-by: Osmany Montero <osmontero@icloud.com>
Co-authored-by: Yadian Llada Lopez <yadian.llada@gmail.com>

Author: 7 people

CHANGELOG.md

@@ -1,8 +1,9 @@
-# UTMStack 11.1.0
+# UTMStack 11.1.1
 
-These are the release notes for **UTMStack v11.1.0**, highlighting new features, bug fixes, and performance improvements.
+These are the release notes for **UTMStack v11.1.1**, highlighting new features, bug fixes, and performance improvements.
 
-## Features
+## Fixes
+- Improved the module activation and deactivation process to handle missing modules more robustly and prevent errors when activating integrations.
 
-- Introduced SQL query support in LogExplorer, enabling users to execute SQL queries on OpenSearch indices directly from the user interface.
-- Added an interactive Adversary View to the Threat Management module, providing a graphical, filterable visualization of relationships between Adversaries, their generated Alerts, and associated Echoes.
+## Features
+- Enabled inline expand/collapse functionality for alert echo rows.

agent/logservice/processor.go

@@ -174,8 +174,16 @@ func (l *LogProcessor) CleanCountedLogs() {
 	for range ticker.C {
 		dataRetention, err := GetDataRetention()
 		if err != nil {
-			utils.Logger.ErrorF("error getting data retention: %s", err)
-			continue
+			utils.Logger.ErrorF("error getting data retention: %s, creating default retention file", err)
+			if err := SetDataRetention(""); err != nil {
+				utils.Logger.ErrorF("error creating default data retention: %s", err)
+				continue
+			}
+			dataRetention, err = GetDataRetention()
+			if err != nil {
+				utils.Logger.ErrorF("error reading newly created data retention: %s", err)
+				continue
+			}
 		}
 		l.db.Lock()
 		_, err = l.db.DeleteOld(&models.Log{}, dataRetention)

backend/src/main/java/com/park/utmstack/event_processor/EventProcessorManagerService.java

@@ -4,6 +4,8 @@
 import com.park.utmstack.domain.application_modules.UtmModule;
 import com.park.utmstack.domain.application_modules.UtmModuleGroup;
 import com.park.utmstack.domain.application_modules.enums.ModuleName;
+import com.park.utmstack.service.dto.application_modules.ModuleDTO;
+import com.park.utmstack.service.dto.application_modules.UtmModuleMapper;
 import com.park.utmstack.service.web_clients.rest_template.RestTemplateService;
 import com.park.utmstack.util.CipherUtil;
 import lombok.RequiredArgsConstructor;
@@ -34,7 +36,7 @@ public class EventProcessorManagerService {
             System.getenv(Constants.ENV_EVENT_PROCESSOR_HOST) + ":" +
             System.getenv(Constants.ENV_EVENT_PROCESSOR_PORT);
 
-    public void updateModule(UtmModule module) {
+    public void updateModule(ModuleDTO module) {
         final String ctx = CLASSNAME + ".updateModule";
 
         String url = UriComponentsBuilder
@@ -60,10 +62,19 @@ public void updateModule(UtmModule module) {
 
     public void decryptModuleConfig (UtmModule module){
         Set<UtmModuleGroup> groups = module.getModuleGroups();
+        decryptModuleGroupsConfig(groups, module.getModuleName());
+    }
+
+    public void decryptModuleConfig (ModuleDTO moduleDTO){
+        Set<UtmModuleGroup> groups = moduleDTO.getModuleGroups();
+        decryptModuleGroupsConfig(groups, moduleDTO.getModuleName());
+    }
+
+    private void decryptModuleGroupsConfig(Set<UtmModuleGroup> groups, ModuleName moduleName) {
         groups.forEach((gp) -> {
             gp.getModuleGroupConfigurations().forEach((gpc) -> {
                 if ((gpc.getConfDataType().equals(Constants.CONF_TYPE_PASSWORD) && StringUtils.hasText(gpc.getConfValue()))
-                        || (gpc.getConfDataType().equals(Constants.CONF_TYPE_FILE) && StringUtils.hasText(gpc.getConfValue())) && typeFileNeedsDecryptList.contains(module.getModuleName())) {
+                        || (gpc.getConfDataType().equals(Constants.CONF_TYPE_FILE) && StringUtils.hasText(gpc.getConfValue())) && typeFileNeedsDecryptList.contains(moduleName)) {
                     gpc.setConfValue(CipherUtil.decrypt(gpc.getConfValue(), System.getenv(Constants.ENV_ENCRYPTION_KEY)));
                 }
             });

backend/src/main/java/com/park/utmstack/repository/application_modules/UtmModuleRepository.java

@@ -10,6 +10,7 @@
 import org.springframework.stereotype.Repository;
 
 import java.util.List;
+import java.util.Optional;
 
 
 /**
@@ -19,8 +20,8 @@
 @Repository
 public interface UtmModuleRepository extends JpaRepository<UtmModule, Long>, JpaSpecificationExecutor<UtmModule> {
 
-    @EntityGraph(attributePaths = {"moduleGroups", "moduleGroups.moduleGroupConfigurations"})
-    UtmModule findByServerIdAndModuleName(Long serverId, ModuleName shortName);
+    @EntityGraph(attributePaths = {"server", "filters", "moduleGroups", "moduleGroups.moduleGroupConfigurations"})
+    Optional<UtmModule> findByServerIdAndModuleName(Long serverId, ModuleName shortName);
 
     Integer countAllByModuleNameAndModuleActiveIsTrue(ModuleName shortName);
 

backend/src/main/java/com/park/utmstack/service/application_modules/UtmModuleGroupConfigurationService.java

@@ -8,8 +8,9 @@
 import com.park.utmstack.repository.application_modules.UtmModuleRepository;
 import com.park.utmstack.event_processor.EventProcessorManagerService;
 import com.park.utmstack.util.CipherUtil;
+import com.park.utmstack.util.exceptions.ApiException;
 import lombok.RequiredArgsConstructor;
-import org.apache.commons.lang3.SerializationUtils;
+import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.CollectionUtils;
@@ -53,11 +54,11 @@ public void createConfigurationKeys(List<UtmModuleGroupConfiguration> keys) thro
      * @param keys List of configuration keys to save
      * @throws Exception In case of any error
      */
-    public void updateConfigurationKeys(Long moduleId, List<UtmModuleGroupConfiguration> keys) throws Exception {
+    public UtmModule updateConfigurationKeys(Long moduleId, List<UtmModuleGroupConfiguration> keys) throws Exception {
         final String ctx = CLASSNAME + ".updateConfigurationKeys";
         try {
             if (CollectionUtils.isEmpty(keys))
-                return;
+                throw new ApiException("No configuration keys were provided to update", HttpStatus.BAD_REQUEST);
             for (UtmModuleGroupConfiguration key : keys) {
                 if (key.getConfRequired() && !StringUtils.hasText(key.getConfValue()))
                     throw new Exception(String.format("No value was found for required configuration: %1$s (%2$s)", key.getConfName(), key.getConfKey()));
@@ -67,14 +68,14 @@ public void updateConfigurationKeys(Long moduleId, List<UtmModuleGroupConfigurat
             moduleConfigurationRepository.saveAll(keys);
 
             List<ModuleName> needRestartModules = Arrays.asList(ModuleName.AWS_IAM_USER, ModuleName.AZURE,
-                ModuleName.GCP, ModuleName.SOPHOS);
+                    ModuleName.GCP, ModuleName.SOPHOS);
 
-            moduleRepository.findById(moduleId).ifPresent(module -> {
-                module.setNeedsRestart(needRestartModules.contains(module.getModuleName()));
-                moduleRepository.save(module);
-                UtmModule detached = SerializationUtils.clone(module);
-                eventProcessorManagerService.updateModule(detached);
-            });
+            return moduleRepository.findById(moduleId)
+                    .map(module -> {
+                        module.setNeedsRestart(needRestartModules.contains(module.getModuleName()));
+                        return moduleRepository.save(module);
+                    })
+                    .orElseThrow(() -> new ApiException(String.format("Module with ID %1$s not found", moduleId), HttpStatus.NOT_FOUND));
         } catch (Exception e) {
             throw new Exception(ctx + ": " + e.getMessage());
         }

backend/src/main/java/com/park/utmstack/service/application_modules/UtmModuleService.java

@@ -8,12 +8,10 @@
 import com.park.utmstack.repository.UtmModuleGroupRepository;
 import com.park.utmstack.repository.application_modules.UtmModuleRepository;
 import com.park.utmstack.service.UtmMenuService;
-import com.park.utmstack.event_processor.EventProcessorManagerService;
 import com.park.utmstack.service.dto.application_modules.ModuleActivationDTO;
 import com.park.utmstack.service.index_pattern.UtmIndexPatternService;
 import com.park.utmstack.service.logstash_filter.UtmLogstashFilterService;
 import lombok.RequiredArgsConstructor;
-import org.apache.commons.lang3.SerializationUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.data.domain.Page;
@@ -24,7 +22,6 @@
 
 import java.util.List;
 import java.util.NoSuchElementException;
-import java.util.Objects;
 import java.util.Optional;
 
 /**
@@ -43,7 +40,6 @@ public class UtmModuleService {
     private final UtmIndexPatternService indexPatternService;
     private final UtmLogstashFilterService logstashFilterService;
     private final UtmModuleGroupRepository moduleGroupRepository;
-    private final EventProcessorManagerService eventProcessorManagerService;
 
 
     /**
@@ -56,30 +52,29 @@ public class UtmModuleService {
     public UtmModule activateDeactivate(ModuleActivationDTO moduleActivationDTO) {
         final String ctx = CLASSNAME + ".activateDeactivate";
 
-            long serverId = moduleActivationDTO.getServerId();
-            ModuleName nameShort = moduleActivationDTO.getModuleName();
-            boolean activationStatus = moduleActivationDTO.getActivationStatus();
+        long serverId = moduleActivationDTO.getServerId();
+        ModuleName nameShort = moduleActivationDTO.getModuleName();
+        boolean activationStatus = moduleActivationDTO.getActivationStatus();
 
-            UtmModule module = moduleRepository.findByServerIdAndModuleName(serverId, nameShort);
+        return moduleRepository.findByServerIdAndModuleName(serverId, nameShort)
+                .map(module -> {
+                    module.setModuleActive(activationStatus);
+                    module = moduleRepository.save(module);
 
-            if (Objects.isNull(module))
-                throw new NoSuchElementException(String.format("Definition of the module %1$s not found for the server ID %2$s", nameShort.name(), serverId));
+                    List<ModuleName> nonRemovableConf = List.of(ModuleName.SOC_AI);
 
-            module.setModuleActive(activationStatus);
-            module = moduleRepository.save(module);
+                    if (!activationStatus && !nonRemovableConf.contains(nameShort))
+                        moduleGroupRepository.deleteAllByModuleId(module.getId());
 
-            List<ModuleName> nonRemovableConf = List.of(ModuleName.SOC_AI);
+                    enableDisableModuleMenus(nameShort, activationStatus);
+                    enableDisableModuleIndexPatterns(nameShort, activationStatus);
+                    enableDisableModuleFilter(nameShort, activationStatus);
 
-            if (!activationStatus && !nonRemovableConf.contains(nameShort))
-                moduleGroupRepository.deleteAllByModuleId(module.getId());
-
-            enableDisableModuleMenus(nameShort, activationStatus);
-            enableDisableModuleIndexPatterns(nameShort, activationStatus);
-            enableDisableModuleFilter(nameShort, activationStatus);
-            UtmModule detached = SerializationUtils.clone(module);
-            eventProcessorManagerService.updateModule(detached);
-
-            return module;
+                    return module;
+                })
+                .orElseThrow(() -> new NoSuchElementException(
+                        String.format("Definition of the module %1$s not found for the server ID %2$s", nameShort.name(), serverId)
+                ));
     }
 
     private void enableDisableModuleMenus(ModuleName nameShort, Boolean activationStatus) {
@@ -186,11 +181,12 @@ public Optional<UtmModule> findOne(Long id) {
 
     public UtmModule findByServerIdAndModuleName(Long serverId, ModuleName shortName) {
         final String ctx = CLASSNAME + ".findByServerIdAndModuleName";
-        try {
-            return moduleRepository.findByServerIdAndModuleName(serverId, shortName);
-        } catch (Exception e) {
-            throw new RuntimeException(ctx + ": " + e.getMessage());
-        }
+
+        return moduleRepository.findByServerIdAndModuleName(serverId, shortName)
+                .orElseThrow(() -> new NoSuchElementException(
+                        String.format("%s: The module %s not found for the server ID %s", ctx, shortName.name(), serverId)
+                ));
+
     }
 
     public boolean isModuleActive(ModuleName shortName) {

backend/src/main/java/com/park/utmstack/web/rest/application_modules/UtmModuleGroupConfigurationResource.java

@@ -2,10 +2,14 @@
 
 import com.park.utmstack.aop.logging.AuditEvent;
 import com.park.utmstack.domain.application_events.enums.ApplicationEventType;
+import com.park.utmstack.domain.application_modules.UtmModule;
 import com.park.utmstack.domain.application_modules.UtmModuleGroupConfiguration;
+import com.park.utmstack.event_processor.EventProcessorManagerService;
 import com.park.utmstack.service.application_events.ApplicationEventService;
 import com.park.utmstack.service.application_modules.UtmModuleGroupConfigurationService;
 import com.park.utmstack.service.dto.application_modules.GroupConfigurationDTO;
+import com.park.utmstack.service.dto.application_modules.ModuleDTO;
+import com.park.utmstack.service.dto.application_modules.UtmModuleMapper;
 import com.park.utmstack.web.rest.util.HeaderUtil;
 import lombok.RequiredArgsConstructor;
 import org.slf4j.Logger;
@@ -27,6 +31,8 @@ public class UtmModuleGroupConfigurationResource {
     private final Logger log = LoggerFactory.getLogger(UtmModuleGroupConfigurationResource.class);
     private final UtmModuleGroupConfigurationService moduleGroupConfigurationService;
     private final ApplicationEventService applicationEventService;
+    private final UtmModuleMapper utmModuleMapper;
+    private final EventProcessorManagerService eventProcessorManagerService;
 
 
     @PutMapping("/module-group-configurations/update")
@@ -39,7 +45,10 @@ public class UtmModuleGroupConfigurationResource {
     public ResponseEntity<Void> updateConfiguration(@Valid @RequestBody GroupConfigurationDTO body) {
         final String ctx = CLASSNAME + ".updateConfiguration";
         try {
-            moduleGroupConfigurationService.updateConfigurationKeys(body.getModuleId(), body.getKeys());
+            UtmModule module = moduleGroupConfigurationService.updateConfigurationKeys(body.getModuleId(), body.getKeys());
+            ModuleDTO moduleDTO = utmModuleMapper.toDto(module, false);
+            eventProcessorManagerService.updateModule(moduleDTO);
+
             return ResponseEntity.ok().build();
         } catch (Exception e) {
             String msg = ctx + ": " + e.getMessage();

backend/src/main/java/com/park/utmstack/web/rest/application_modules/UtmModuleResource.java

@@ -13,15 +13,10 @@
 import com.park.utmstack.service.application_modules.UtmModuleQueryService;
 import com.park.utmstack.service.application_modules.UtmModuleService;
 import com.park.utmstack.event_processor.EventProcessorManagerService;
-import com.park.utmstack.service.dto.application_modules.CheckRequirementsResponse;
-import com.park.utmstack.service.dto.application_modules.ModuleActivationDTO;
-import com.park.utmstack.service.dto.application_modules.ModuleDTO;
-import com.park.utmstack.service.dto.application_modules.UtmModuleCriteria;
+import com.park.utmstack.service.dto.application_modules.*;
 import com.park.utmstack.util.ResponseUtil;
 import com.park.utmstack.web.rest.util.PaginationUtil;
-import lombok.Getter;
 import lombok.RequiredArgsConstructor;
-import lombok.Setter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.data.domain.Page;
@@ -48,8 +43,8 @@ public class UtmModuleResource {
     private final UtmModuleQueryService utmModuleQueryService;
     private final ApplicationEventService eventService;
     private final UtmServerRepository utmServerRepository;
-    // List of configurations of type 'file' that needs content decryption
     private final EventProcessorManagerService eventProcessorManagerService;
+    private final UtmModuleMapper utmModuleMapper;
 
 
 
@@ -60,14 +55,19 @@ public class UtmModuleResource {
             successMessage = "Module activated/deactivated successfully"
     )
     @PutMapping("/utm-modules/activateDeactivate")
-    public ResponseEntity<UtmModule> activateDeactivate(@RequestParam Long serverId,
+    public ResponseEntity<ModuleDTO> activateDeactivate(@RequestParam Long serverId,
                                                         @RequestParam ModuleName nameShort,
                                                         @RequestParam Boolean activationStatus) {
-        return ResponseEntity.ok(moduleService.activateDeactivate(ModuleActivationDTO.builder()
-                        .serverId(serverId)
-                        .moduleName(nameShort)
-                        .activationStatus(activationStatus)
-                .build()));
+
+        UtmModule module = moduleService.activateDeactivate(ModuleActivationDTO.builder()
+                .serverId(serverId)
+                .moduleName(nameShort)
+                .activationStatus(activationStatus)
+                .build());
+        ModuleDTO moduleDTO = utmModuleMapper.toDto(module, false);
+        eventProcessorManagerService.updateModule(moduleDTO);
+
+        return ResponseEntity.ok(moduleDTO);
     }
 
     /**

frontend/src/app/data-management/adversary-management/adversary-alerts-graph/adversary-alerts-graph.component.html

@@ -1,4 +1,4 @@
-<div class="d-flex flex-column h-100 m-h-0 overflow-auto">
+<div class="d-flex flex-column h-100 m-h-0 overflow-auto chart-container">
   <div class="flex-grow-1 h-100">
     <div echarts
          [options]="option"
@@ -9,3 +9,26 @@
   </div>
 </div>
 
+<div *ngIf="viewAlertDetail" class="utm-right-container">
+  <div (click)="closeDetail()" class="overlay overlay-lg col-md-6"></div>
+  <div class="card utm-right-action utm-right-action-lg">
+    <div class="title d-flex justify-content-between align-items-center border-bottom-1
+     border-bottom-grey-100  p-3 ">
+      <h6 class="card-title pb-0 mb-0 text-blue-800 font-weight-light">
+        {{ alertDetail.name }}
+      </h6>
+      <div class="d-flex flex-row align-items-center gap-2">
+        <app-alert-logs-related-action [logs]="alertDetail.events"></app-alert-logs-related-action>
+        <button (click)="closeDetail()" aria-label="Close"
+                class="" type="button">
+          <div class="close-icon"></div>
+        </button>
+      </div>
+    </div>
+    <app-alert-view-detail [alert]="alertDetail"
+                           [isEcho] = "true"
+                           [hideEmptyField]= "true"
+                           [dataType]="EventDataTypeEnum.ALERT">
+    </app-alert-view-detail>
+  </div>
+</div>