Upgraded to latest wazuh client that fixes fetching critical vulnerabilities

2025-07-13 15:14:48 -06:00 · 2025-06-24 12:03:58 -07:00 · 2025-06-24 12:03:58 -07:00 · 77914b5097
commit 77914b5097
parent 943fabddd3
2 changed files with 9 additions and 10 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -9,7 +9,7 @@ repository = "https://github.com/gbrigandi/mcp-server-wazuh"
 readme = "README.md"

 [dependencies]
-wazuh-client = "0.1.3" 
+wazuh-client = "0.1.4" 
 rmcp = { version = "0.1.5", features = ["server", "transport-io"] }
 tokio = { version = "1", features = ["full"] }
 reqwest = { version = "0.12", features = ["json", "rustls-tls"], default-features = false }
--- a/src/main.rs
+++ b/src/main.rs
@ -83,7 +83,7 @@ use std::env;
 use clap::Parser;
 use dotenv::dotenv;

-use wazuh_client::{WazuhClientFactory, WazuhIndexerClient, RulesClient, VulnerabilityClient, AgentsClient, LogsClient, ClusterClient, Port as WazuhPort};
+use wazuh_client::{WazuhClientFactory, WazuhIndexerClient, RulesClient, VulnerabilityClient, VulnerabilitySeverity, AgentsClient, LogsClient, ClusterClient, Port as WazuhPort};

 #[derive(Parser, Debug)]
 #[command(name = "mcp-server-wazuh")]
@ -532,7 +532,7 @@ impl WazuhToolsServer {
                &agent_id,
                Some(1000), // Get more results to filter
                Some(offset),
-                params.severity.as_deref(),
+                params.severity.as_deref().and_then(VulnerabilitySeverity::from_str)
            ).await {
                Ok(all_vulns) => {
                    let filtered: Vec<_> = all_vulns
@ -549,7 +549,7 @@ impl WazuhToolsServer {
                &agent_id,
                Some(limit),
                Some(offset),
-                params.severity.as_deref(),
+                params.severity.as_deref().and_then(VulnerabilitySeverity::from_str)
            ).await
        };

@ -566,12 +566,11 @@ impl WazuhToolsServer {
                let mcp_content_items: Vec<Content> = vulnerabilities
                    .into_iter()
                    .map(|vuln| {
-                        let severity_indicator = match vuln.severity.to_lowercase().as_str() {
-                            "critical" => "🔴 CRITICAL",
-                            "high" => "🟠 HIGH",
-                            "medium" => "🟡 MEDIUM", 
-                            "low" => "🟢 LOW",
-                            _ => &vuln.severity,
+                        let severity_indicator = match vuln.severity {
+                            VulnerabilitySeverity::Critical => "🔴 CRITICAL",
+                            VulnerabilitySeverity::High => "🟠 HIGH",
+                            VulnerabilitySeverity::Medium => "🟡 MEDIUM", 
+                            VulnerabilitySeverity::Low => "🟢 LOW",
                        };

                        let published_info = if let Some(published) = &vuln.published {