Add Wazuh Analysis plugin files and structure (#7242)

* Add initial Wazuh Analysis plugin files and structure

* Add wazuh-analysis plugin to dev.yml configuration

* Set server option to false in Wazuh Analysis plugin configuration

* Add initial implementation of the Wazuh Analysis plugin

* Enforce no-empty-object-type rule in TypeScript files for Wazuh Analysis plugin

* Refactor AnalysisApp component to use EUI layout components

* Enable TTY for OSD development environment in dev.yml

* Add TypeScript types for React and ReactDOM as dev dependencies

* Add translation messages and application categories for Wazuh Analysis plugin

* Refactor AnalysisPlugin to use constants for plugin and category IDs

* Add navigation links for security categories in AnalysisPlugin

* Fix indentation in translation messages for analysis categories in Wazuh Analysis plugin

* Refactor translation keys in AnalysisPlugin to use plugin ID for consistency

* Add translation messages for new categories in AnalysisPlugin

* Refactor AnalysisPlugin to use dynamic keys for application IDs

* Add navigation links for configuration assessment, malware detection, and FIM in AnalysisPlugin

* Add function to navigate to the first app in a navigation group

* Update application IDs in AnalysisPlugin to include endpoint security path

* Remove category assignment from threat intelligence application in AnalysisPlugin

* Add description for endpoint security category in AnalysisPlugin

* Remove category assignment from endpoint security application in AnalysisPlugin

* Fix navigation to the first app in the endpoint security group and update core start property assignment

* Refactor sub-application ID generation in AnalysisPlugin for improved readability

* Add JSDoc comments for generateSubAppId function in plugin.ts

* Refactor mount functions in AnalysisPlugin to use arrow function syntax for improved context handling

* Implement app startup subject in AnalysisPlugin for navigation handling

* Add getCurrentNavGroup function to retrieve the current navigation group

* Refactor navigateToFirstAppInNavGroup function to improve parameter handling and simplify navigation logic

* Refactor app startup subscription to set current navigation group and navigate accordingly

* Add navigation link status management for endpoint security applications

* Refactor endpoint security applications to streamline mount logic and manage nav link visibility

* Refactor application registration to use an array for better structure and clarity

* Refactor translationMessages to use Object.freeze for immutability

* Refactor AnalysisPlugin setup to improve app registration structure

* Refactor AnalysisPlugin to use Object.freeze for navigation groups

* Refactor AnalysisPlugin to separate navigation group registration into its own method

* Refactor AnalysisPlugin to extract app startup subscription into a separate method

* Refactor AnalysisPlugin to use Object.freeze for CATEGORY definition

* Refactor AnalysisPlugin to consolidate endpoint security apps into a single subApps structure

* Refactor AnalysisPlugin to improve code organization and maintainability

* Refactor AnalysisPlugin to assign CATEGORY to endpoint security and threat intelligence apps

* Refactor AnalysisPlugin to update appStatusUpdater type to AppUpdater

* Refactor AnalysisPlugin to conditionally update appStatusUpdater based on navGroup status

* Refactor AnalysisPlugin to ensure unmount function returns a boolean value

* Refactor AnalysisPlugin to simplify appStatusUpdater initialization and remove optional chaining

* Refactor package.json to remove unused React type definitions from devDependencies

* Refactor yarn.lock to remove unused React type definitions and csstype dependency

* Refactor AnalysisPlugin to add threat intelligence sub-apps and update navigation links

* Refactor AnalysisPlugin to add new sub-apps for regulatory compliance, IT hygiene, incident response, and cloud security services

* Refactor AnalysisPlugin to improve app mount logic and enhance app status updates

* Refactor AnalysisPlugin to streamline app mount logic using a loop for improved maintainability

* Refactor AnalysisPlugin to register applications directly in setupAppMounts for improved clarity and efficiency

* Refactor AnalysisPlugin to rename navigation link visibility functions for improved clarity

* Add global search functionality for navigation pages in AnalysisPlugin

* Rename global search command ID in AnalysisPlugin for consistency

* Rename search pages command file for improved organization and clarity

* Move search pages command import to global search directory for improved organization

* Rename function generateSubAppId to buildSubAppId for improved clarity

* Add internationalization support for Analysis Plugin title

* Add constants file and export PLUGIN_ID for analysis plugin

* Remove redundant PLUGIN_ID constant from analysis plugin

* Add CATEGORY constant for analysis plugin with internationalization support

* Add Endpoint Security application with internationalization support

* Refactor analysis plugin constants and remove redundant i18n file

* Add description constant for Endpoint Security and update references

* Add Threat Intelligence application with internationalization support

* Add Threat Intelligence application implementation and registration

* rename application files to group directory

* Refactor plugin imports to group directory structure

* Add Security Operations application implementation and registration

* Add Cloud Security application implementation and internationalization support

* Add GroupsId type definition for security applications

* Add navigation groups for security applications

* Add Cloud Security application structure and integration

* Enable new home page feature in OpenSearch Dashboards configuration

* Refactor buildSubAppId function into utils for better modularity

* Move navigateToFirstAppInNavGroup function to utils and update imports

* Rename `generateSubAppId` function to `buildSubAppId` for consistency

* Add endpoint security and threat intelligence applications

* Export application IDs and titles for endpoint security and threat intelligence

* Add security operations applications with IDs and titles

* Add cloud security applications with IDs and titles

* Refactor app ID handling to use GroupsId type for improved consistency

* Add endpoint security navigation group and refactor registration of nav links

* Refactor navigation group handling and improve utility functions for better code organization

* Refactor endpoint security navigation group setup for improved organization and clarity

* Refactor application management by introducing ApplicationService for improved app lifecycle handling and navigation group integration

* Refactor AnalysisPlugin to streamline app updater registration using navGroupsIds array

* Refactor endpoint security group by consolidating app registration and navigation link setup into a single module

* Refactor cloud security group by consolidating navigation and application handling into a single module

* Refactor security operations group by consolidating navigation and application handling into a single module

* Refactor Group interface to use generic type for improved type safety

* Refactor threat intelligence group by consolidating application logic and removing obsolete file

* Refactor cloud security application import for improved clarity

* Refactor navigation groups by removing obsolete nav-groups file

* Refactor navigation groups to use generic types for improved type safety

* Refactor AnalysisPlugin to use nav group classes for improved organization and clarity

* Refactor AnalysisPlugin to simplify subApps initialization by removing unnecessary object mapping

* Refactor AnalysisPlugin and ApplicationService to streamline nav link visibility management by consolidating related functions and simplifying initialization logic

* Refactor AnalysisPlugin to change subApps type from App[] to App[][] for improved type clarity

* Refactor ApplicationService to encapsulate navigation logic in navigateToFirstAppInNavGroup method for improved clarity and maintainability

* Refactor ApplicationService to enhance documentation with detailed JSDoc comments for improved code clarity and maintainability

* Refactor nav-group utility to remove navigateToFirstAppInNavGroup function and introduce getCurrentNavGroup for improved navigation handling

* Refactor ApplicationService to enhance unmount logic for improved resource cleanup during application lifecycle

* Refactor ApplicationService to rename appOperations methods for improved clarity and consistency in lifecycle management

* Refactor AnalysisPlugin to move app updater registration to the start method for improved initialization flow

* Refactor DashboardSecurityService types to enhance typing for higher type safety and add optional token property

* Refactor DashboardSecurityService to improve type safety and error handling, and enhance localization for user role messages

* Refactor LifecycleService to make dependency parameters optional for improved flexibility

* Add NoopLogger implementation for logging interface compliance

* Add logging to ApplicationService for improved debugging and traceability

* Refactor application.service.ts to streamline imports and enhance code organization

* Refactor security-related groups to centralize constants and improve code organization

* Refactor WazuhCorePlugin to implement NoopLogger for improved logging and type safety

* Refactor ApplicationService to use navGroupId for improved navigation group handling

* Remove unused navigation group handling from ApplicationService unmount logic

* Refactor WazuhCorePlugin and ApplicationService for improved navigation handling and error management

* Remove unused getCurrentNavGroup utility function from nav-group.ts

* Refactor WazuhCorePlugin and AnalysisPlugin to use applicationService for improved service management

* Refactor AnalysisPlugin to streamline imports and enhance type definitions for setup dependencies

* Add createSideNavItems function to generate side navigation items for apps

* Add createEndpointSecurityNavItems function to generate navigation items for endpoint security

* Add Layout component for structured page layout with sidebar navigation

* Add new endpoint security applications: Configuration Assessment, FIM, and Malware Detection

* Update endpoint security applications imports for configuration assessment, malware detection, and FIM

* Update Layout component to accept a single child or an array of children

Refactor imports in types.ts to use constants from respective modules

Remove empty object parameter from renderApp calls in endpoint security applications

Refactor endpoint security applications to use Layout component and pass AppMountParameters

refactor: remove history parameter from renderApp calls in endpoint security applications

* feat: implement navigation to the first endpoint security app on mount

* feat: add plugin services for core getter and setter in Wazuh analysis plugin

* feat: update side navigation to use core application navigation

* feat: add opensearchDashboardsUtils as a required plugin for Wazuh analysis

* refactor: remove order property from navigation groups in Wazuh analysis plugin

* feat: implement navigation to the first endpoint security app in the mount function

* feat: conditionally render side navigation based on nav group settings

* refactor: update import paths for endpoint security apps to use new filenames

* feat: add conditional navigation to the first endpoint security app based on nav group settings

* refactor: make updater$ parameter optional in getApps method across navigation groups

* refactor: replace createEndpointSecurityNavItems with createSideNavItems for navigation consistency

* feat: implement regulatory compliance app with dedicated rendering and link to security operations navigation group

* feat: add IT hygiene application with dedicated rendering and integrate into security operations navigation group

* refactor: remove TODO comments for unimplemented applications in endpoint security apps module

* refactor: remove TODO comments for incident response application and update import path in security operations apps module

* feat: implement incident response application with rendering logic and integrate into security operations navigation group

* fix: update SECURITY_OPERATIONS_ID to SECURITY_OPERATIONS_TITLE in IT Hygiene and Regulatory Compliance apps for consistency

* feat: implement MITRE ATT&CK application with rendering logic and integrate into threat intelligence navigation group

* feat: enhance threat intelligence nav group to navigate to app based on nav group status in mount function

* Fix import path and update title for MITRE attack app

* Add threat-hunting application to threat intelligence group

* Implement vulnerability detection application structure

* Refactor app props naming for consistency across incident response, it hygiene, and compliance apps

* Enhance Cloud Security navigation by conditionally redirecting based on nav group status in the mount function

* Implement AWS application for cloud security group

* Add Docker application implementation and render logic for cloud security group in Wazuh analysis plugin

* Implement Google Cloud application and render logic for cloud security group in Wazuh analysis plugin

* Add GitHub application implementation and render logic for cloud security group in Wazuh analysis plugin

* Implement Office 365 application and render logic for cloud security group in Wazuh analysis plugin

* Remove unused appBasePath prop from AnalysisApp component in Wazuh analysis plugin for cleaner code

* Enhance ApplicationService with detailed documentation and refine method descriptions for improved clarity and maintainability

* refactor: rename match function to hasMatch for clarity

* refactor: remove unused Group interface and related methods for cleaner code

* refactor: update Group import path for consistency and remove unused addNavLinks method

* refactor: enhance Group interface with detailed methods for navigation and application management

* refactor: enrich debug logging in registerAppUpdater with appId for better traceability

* refactor: reorganize application service methods for clearer structure and enhance navigation group setup logic

* refactor: streamline application initialization and navigation group handling for improved clarity and functionality

* refactor: rename method and streamline navigation group assignment for improved code clarity and organization

* refactor: simplify app registration and enhance navigation group handling for better code clarity and maintainability

* refactor: rename and simplify sub-app mounting logic for improved clarity and organization

* feat: add global search page item and search pages command components for enhanced navigation and search functionality

* refactor: enhance application setup and search command registration for improved modularity and clarity

* refactor: simplify application startup method for improved clarity and consistency

* refactor: streamline application mount logic for improved clarity and modularity

* refactor: replace getCoreStart with getCore for improved consistency in application service

* refactor: update ApplicationService to use coreSetup for improved modularity and clarity

* refactor: enhance logging in ApplicationService for improved traceability

* refactor: enhance debug logging in AnalysisPlugin for improved traceability

* refactor: change method visibility to private in ApplicationService for encapsulation

* refactor: remove coreSetup parameter from ApplicationService methods for improved clarity

* Refactor ApplicationService documentation and methods

* refactor: add NavGroupType to security-related navigation groups for consistency

* fix: correct translation key for analysis plugin title

* refactor: update import paths for constants in cloud security apps

* refactor: move configuration assessment constants to a separate file for better organization

* refactor: streamline ANALYSIS_PLUGIN_TITLE translation and ensure consistent NavGroupType usage

* refactor: reorganize import paths for constants in configuration assessment files

* refactor: move FIM constants to a dedicated file for better organization

* refactor: move malware detection constants to a dedicated file for better organization

* refactor: move incident response constants to a dedicated file for better organization

* refactor: move IT hygiene constants to a dedicated file for better organization

* refactor: move regulatory compliance constants to a dedicated file for better organization

* refactor: move MITRE ATT&CK constants to a dedicated file for better organization

* refactor: move threat hunting constants to a dedicated file for better organization

* refactor: move vulnerability detection constants to a dedicated file for better organization

* Add tasks to initialize index patterns (#7262)

* feat: add task to create index pattern fields

- Add task to create index pattern fields
- Create CLIs to get the static files for the index pattern default
  fields used when there is no indices on the Wazuh dashboard starts

* chore(changelog): add entry

* fix(script): uncomment statements in build-static-files-get-from-wildcard tool

* Remove .scheduled-commands index pattern creation (#7263)

* fix: remove scheduled-commands index pattern creation

* feat(changelog): add entry

* Change master branch references to main (#7288)

* refactor: remove unused UI settings from opensearch_dashboards.yml

* refactor: update Group import path for better module resolution

* refactor: update PLUGIN_ID for consistency in analysis plugin

* refactor: remove NavGroupType from navigation groups for cleaner code

* docs: add README for ApplicationService with method explanations and usage in plugins

* refactor: simplify mount functions in navigation groups and update ApplicationService methods

* docs: update README for ApplicationService with new plugin example and navigation group definitions

* docs: add README for plugin structure and example application

* docs: enhance README with detailed plugin structure and examples for creating groups and applications

* docs: add README for Wazuh Analysis plugin with structure and application examples

* refactor: rename onAppStartup to start in ApplicationService and update usage in plugins

* refactor: rename setup to register in ApplicationService and update related documentation

* refactor: simplify app mount and cleanup logic in ApplicationService

* refactor: move layout and createSideNavItems into applicationService and use from it

* docs: update README for modifyAppGroupMount method to include subApps parameter

* refactor: enhance documentation for getApps method in Group interface

* refactor: update getApps and renderApp to utilize ApplicationService for layout management

---------

Co-authored-by: Antonio <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>

.eslintrc.js

@@ -219,6 +219,8 @@ module.exports = {
         /* -------------------------------------------------------------------------- */
         /*                             @typescript-eslint                             */
         /* -------------------------------------------------------------------------- */
+        '@typescript-eslint/no-non-null-assertion': 'off',
+        '@typescript-eslint/no-empty-object-type': 'off',
         '@typescript-eslint/no-dynamic-delete': 'off',
         '@typescript-eslint/no-unused-vars': [
           'error',
@@ -359,6 +361,7 @@ module.exports = {
             },
           },
         ],
+        'react/prop-types': 'off',
       },
     },
     {

docker/osd-dev/dev.yml

@@ -239,13 +239,15 @@ services:
       - ${OSD_PORT}:5601
     environment:
       - 'LOGS=/proc/1/fd/1'
+    tty: true
     volumes:
       - osd_cache:/home/node/.cache
       - '${SRC}/main:/home/node/kbn/plugins/main'
       - '${SRC}/wazuh-core:/home/node/kbn/plugins/wazuh-core'
       - '${SRC}/wazuh-check-updates:/home/node/kbn/plugins/wazuh-check-updates'
       - '${SRC}/wazuh-engine:/home/node/kbn/plugins/wazuh-engine'
       - '${SRC}/wazuh-fleet:/home/node/kbn/plugins/wazuh-fleet'
+      - '${SRC}/wazuh-analysis:/home/node/kbn/plugins/wazuh-analysis'
       - wd_certs:/home/node/kbn/certs/
       - ${WAZUH_DASHBOARD_CONF}:/home/node/kbn/config/opensearch_dashboards.yml
       - ./config/${OSD_MAJOR}/osd/wazuh.yml:/home/node/kbn/data/wazuh/config/wazuh.yml

plugins/wazuh-analysis/.i18nrc.json

@@ -0,0 +1,7 @@
+{
+  "prefix": "wazuhAnalysis",
+  "paths": {
+    "wazuhAnalysis": "."
+  },
+  "translations": ["translations/en-US.json"]
+}

plugins/wazuh-analysis/README.md

@@ -0,0 +1,252 @@
+# **General Plugin Structure and Functionality**
+
+A **plugin** in this context follows a **modular and organized structure**, dividing its functionalities into **thematic groups**. Each group contains specific applications, each with its own logic and components.
+
+Here’s a step-by-step guide on how to **create a new plugin** with **groups and applications**, using snippets based on the provided structure.
+
+---
+
+## **1️⃣ Creating the Plugin Structure**
+
+```
+📂 **`plugins/my-security-plugin/`** _(Root directory of the plugin)_
+│── 📂 `public/` _(Frontend-related code)_
+│ │── 📂 `groups/` _(Contains the different security-related groups)_
+│ │ │── 📂 `network-security/` _(New group: Network Security)_
+│ │ │ │── 📂 `apps/` _(Contains the individual applications in this group)_
+│ │ │ │ │── 📂 `firewall-monitoring/` _(First app: Firewall Monitoring)_
+│ │ │ │ │ │── 📄 `application.tsx` _(App entry point and rendering logic)_
+│ │ │ │ │ │── 📄 `firewall-monitoring-app.tsx` _(Main React component for the app)_
+│ │ │ │ │ │── 📄 `constants.ts` _(App-specific constants, titles, and IDs)_
+│ │ │ │ │── 📂 `network-anomaly-detection/` _(Second app: Network Anomaly Detection)_
+│ │ │ │ │ │── 📄 `application.tsx`
+│ │ │ │ │ │── 📄 `network-anomaly-detection-app.tsx`
+│ │ │ │ │ │── 📄 `constants.ts`
+│ │ │ │── 📄 `applications.ts` _(Registers all apps in this group)_
+│ │ │ │── 📄 `constants.ts` _(Defines the group ID, title, and description)_
+│ │ │ │── 📄 `index.ts` _(Registers the group and navigation details)_
+│ │── 📄 `category.ts` _(Defines categories for grouping apps in UI)_
+```
+
+---
+
+## **2️⃣ Creating a Group: `network-security`**
+
+A **group** represents a **category** of related applications.
+
+📌 **File:** `public/groups/network-security/constants.ts`
+
+```ts
+import { i18n } from '@osd/i18n';
+import { PLUGIN_ID } from '../../../common/constants';
+
+export const NETWORK_SECURITY_ID = 'network_security';
+export const NETWORK_SECURITY_TITLE = i18n.translate(
+  `${PLUGIN_ID}.category.${NETWORK_SECURITY_ID}`,
+  { defaultMessage: 'Network Security' },
+);
+export const NETWORK_SECURITY_DESCRIPTION = i18n.translate(
+  `${PLUGIN_ID}.category.${NETWORK_SECURITY_ID}.description`,
+  { defaultMessage: 'Monitor and secure your network infrastructure.' },
+);
+```
+
+📌 **File:** `public/groups/network-security/index.ts`
+
+```ts
+import { Subject } from 'rxjs';
+import {
+  App,
+  AppMountParameters,
+  AppUpdater,
+  ChromeNavGroup,
+  ChromeRegistrationNavLink,
+} from '../../../../../src/core/public';
+import { CATEGORY } from '../category';
+import { Group } from '../../../../wazuh-core/public/services/application/types';
+import { getNetworkSecurityApps } from './applications';
+import {
+  NETWORK_SECURITY_DESCRIPTION,
+  NETWORK_SECURITY_ID,
+  NETWORK_SECURITY_TITLE,
+} from './constants';
+
+export const NetworkSecurityNavGroup: Group<typeof NETWORK_SECURITY_ID> = {
+  getId: () => NETWORK_SECURITY_ID,
+  getTitle: () => NETWORK_SECURITY_TITLE,
+  getDescription: () => NETWORK_SECURITY_DESCRIPTION,
+
+  getNavGroup(): ChromeNavGroup {
+    return {
+      id: NETWORK_SECURITY_ID,
+      title: NETWORK_SECURITY_TITLE,
+      description: NETWORK_SECURITY_DESCRIPTION,
+    };
+  },
+
+  getAppGroup(): App {
+    return {
+      id: NETWORK_SECURITY_ID,
+      title: NETWORK_SECURITY_TITLE,
+      category: CATEGORY,
+      mount: async (_params: AppMountParameters) => () => {},
+    };
+  },
+
+  getGroupNavLink(): ChromeRegistrationNavLink {
+    return {
+      id: NETWORK_SECURITY_ID,
+      title: NETWORK_SECURITY_TITLE,
+      category: CATEGORY,
+    };
+  },
+
+  getAppsNavLinks(): ChromeRegistrationNavLink[] {
+    return getNetworkSecurityApps().map(app => ({
+      id: app.id,
+      title: app.title,
+    }));
+  },
+
+  getApps(
+    applicationService: ApplicationService,
+    updater$: Subject<AppUpdater>,
+  ): App[] {
+    return getNetworkSecurityApps(applicationService, updater$);
+  },
+};
+```
+
+---
+
+## **3️⃣ Creating an Application: `firewall-monitoring`**
+
+📌 **File:** `public/groups/network-security/apps/firewall-monitoring/constants.ts`
+
+```ts
+import { i18n } from '@osd/i18n';
+import { PLUGIN_ID } from '../../../../../common/constants';
+import { buildSubAppId } from '../../../../utils';
+import { NETWORK_SECURITY_ID } from '../../constants';
+
+export const FIREWALL_MONITORING_ID = buildSubAppId(
+  NETWORK_SECURITY_ID,
+  'firewall-monitoring',
+);
+export const FIREWALL_MONITORING_TITLE = i18n.translate(
+  `${PLUGIN_ID}.category.${FIREWALL_MONITORING_ID}`,
+  {
+    defaultMessage: 'Firewall Monitoring',
+  },
+);
+```
+
+📌 **File:** `public/groups/network-security/apps/firewall-monitoring/firewall-monitoring-app.tsx`
+
+```tsx
+import React from 'react';
+import { AppMountParameters } from 'opensearch-dashboards/public';
+import { FIREWALL_MONITORING_TITLE } from './constants';
+
+interface FirewallMonitoringProps {
+  params: AppMountParameters;
+}
+
+export const FirewallMonitoringApp = (_props: FirewallMonitoringProps) => (
+  <>{FIREWALL_MONITORING_TITLE} App</>
+);
+```
+
+📌 **File:** `public/groups/network-security/apps/firewall-monitoring/application.tsx`
+
+```tsx
+import React from 'react';
+import { AppMountParameters } from 'opensearch-dashboards/public';
+import ReactDOM from 'react-dom';
+import { NetworkSecurityNavGroup } from '../..';
+import { Layout } from '../../../layout';
+import { createSideNavItems } from '../../../side-nav';
+import { NETWORK_SECURITY_TITLE } from '../../constants';
+import { FirewallMonitoringApp } from './firewall-monitoring-app';
+import { FIREWALL_MONITORING_ID } from './constants';
+
+export const renderApp = async (
+  params: AppMountParameters,
+  { Layout }: AppProps,
+) => {
+  ReactDOM.render(
+    <Layout>
+      <FirewallMonitoringApp params={params} />
+    </Layout>,
+    params.element,
+  );
+
+  return () => ReactDOM.unmountComponentAtNode(params.element);
+};
+```
+
+---
+
+## **4️⃣ Registering Applications in the Group**
+
+📌 **File:** `public/groups/network-security/applications.ts`
+
+```ts
+import { Subject } from 'rxjs';
+import {
+  App,
+  AppMountParameters,
+  AppNavLinkStatus,
+  AppUpdater,
+} from '../../../../../src/core/public';
+import { ApplicationService } from '../../../../wazuh-core/public/services/application/application';
+import {
+  FIREWALL_MONITORING_ID,
+  FIREWALL_MONITORING_TITLE,
+} from './apps/firewall-monitoring/constants';
+import { NetworkSecurityNavGroup } from '.';
+
+export function getNetworkSecurityApps(
+  applicationService?: ApplicationService,
+  updater$?: Subject<AppUpdater>,
+): App[] {
+  const networkSecurityLayout = applicationService?.createLayout(
+    NetworkSecurityNavGroup,
+  );
+
+  return [
+    {
+      id: FIREWALL_MONITORING_ID,
+      title: FIREWALL_MONITORING_TITLE,
+      navLinkStatus: AppNavLinkStatus.hidden,
+      updater$,
+      mount: async (params: AppMountParameters) => {
+        const { renderApp } = await import(
+          './apps/firewall-monitoring/application'
+        );
+
+        return await renderApp(params, {
+          Layout: networkSecurityLayout!(FIREWALL_MONITORING_ID),
+        });
+      },
+    },
+  ];
+}
+```
+
+---
+
+## **5️⃣ Updating `category.ts` to Include the New Group**
+
+📌 **File:** `public/groups/category.ts`
+
+```ts
+import { AppCategory } from 'opensearch-dashboards/public';
+import { PLUGIN_TITLE, PLUGIN_ID } from '../../common/constants';
+
+export const CATEGORY: AppCategory = Object.freeze({
+  id: PLUGIN_ID,
+  label: PLUGIN_TITLE,
+  order: 5000,
+});
+```

plugins/wazuh-analysis/common/constants.ts

@@ -0,0 +1,6 @@
+import { i18n } from '@osd/i18n';
+
+export const PLUGIN_ID = 'wazuhAnalysis';
+export const ANALYSIS_PLUGIN_TITLE = i18n.translate(`${PLUGIN_ID}.title`, {
+  defaultMessage: 'Analysis',
+});

plugins/wazuh-analysis/opensearch_dashboards.json

@@ -0,0 +1,8 @@
+{
+  "id": "wazuhAnalysis",
+  "version": "5.0.0-00",
+  "opensearchDashboardsVersion": "opensearchDashboards",
+  "server": false,
+  "ui": true,
+  "requiredPlugins": ["opensearchDashboardsUtils", "wazuhCore"]
+}

plugins/wazuh-analysis/package.json

@@ -0,0 +1,25 @@
+{
+  "name": "wazuh-analysis",
+  "version": "5.0.0",
+  "revision": "00",
+  "pluginPlatform": {
+    "version": "2.18.0"
+  },
+  "description": "Wazuh Analysis",
+  "private": true,
+  "scripts": {
+    "build": "yarn plugin-helpers build --opensearch-dashboards-version=$OPENSEARCH_DASHBOARDS_VERSION",
+    "plugin-helpers": "node ../../scripts/plugin_helpers",
+    "osd": "node ../../scripts/osd",
+    "test:ui:runner": "node ../../scripts/functional_test_runner.js",
+    "test:server": "plugin-helpers test:server",
+    "test:browser": "plugin-helpers test:browser",
+    "test:jest": "node scripts/jest --runInBand",
+    "test:jest:runner": "node scripts/runner test"
+  },
+  "dependencies": {},
+  "devDependencies": {
+    "@testing-library/user-event": "^14.5.2",
+    "@types/": "testing-library/user-event"
+  }
+}

plugins/wazuh-analysis/public/application.tsx

@@ -0,0 +1,19 @@
+import React from 'react';
+import ReactDOM from 'react-dom';
+import { AppMountParameters } from 'opensearch-dashboards/public';
+import {
+  AnalysisApp,
+  AnalysisAppDependencies,
+} from './components/analysis-app';
+
+export const renderApp = async (
+  { history, element }: AppMountParameters,
+  dependencies: AnalysisAppDependencies,
+) => {
+  ReactDOM.render(
+    <AnalysisApp dependencies={dependencies} history={history} />,
+    element,
+  );
+
+  return () => ReactDOM.unmountComponentAtNode(element);
+};

plugins/wazuh-analysis/public/components/analysis-app.tsx

@@ -0,0 +1,18 @@
+import React from 'react';
+import { EuiPage, EuiPageBody, EuiPageContentBody } from '@elastic/eui';
+import { AppMountParameters } from '../../../../src/core/public';
+
+export interface AnalysisAppDependencies {}
+
+interface AnalysisAppProps {
+  history: AppMountParameters['history'];
+  dependencies: AnalysisAppDependencies;
+}
+
+export const AnalysisApp = (_props: AnalysisAppProps) => (
+  <EuiPage>
+    <EuiPageBody>
+      <EuiPageContentBody>AnalysisApp</EuiPageContentBody>
+    </EuiPageBody>
+  </EuiPage>
+);

plugins/wazuh-analysis/public/groups/category.ts

@@ -0,0 +1,8 @@
+import { AppCategory } from 'opensearch-dashboards/public';
+import { ANALYSIS_PLUGIN_TITLE, PLUGIN_ID } from '../../common/constants';
+
+export const CATEGORY: AppCategory = Object.freeze({
+  id: PLUGIN_ID,
+  label: ANALYSIS_PLUGIN_TITLE,
+  order: 5000,
+});