Release/v11.2.5 (#1957)

* feat: implement gRPC client and service for collector management

* feat: remove unused GrpcInternalKeyInterceptor from collector service clients

* fix(module.service): return full response body instead of filtering AS_400 module

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add CollectorConfigDTO and unique server name validation

* feat: add CollectorConfigBuilder for constructing CollectorConfig from DTO

* feat: add CollectorGrpcService for managing collector operations via gRPC

* feat: update CollectorConfig validation and add CollectorService for gRPC integration

* feat: update CollectorValidatorService to use CollectorConfigDTO for validation

* feat: refactor UtmCollectorResource to use CollectorConfigDTO and CollectorOpsService

* feat: add logging to updateConfigurationKeys method in UtmModuleGroupConfigurationService

* feat: implement gRPC client and service for collector management

* feat: implement gRPC client and service for collector management

* fix(module.service): return full response body instead of filtering AS_400 module

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: implement gRPC client and service for collector management

* feat: remove unused GrpcInternalKeyInterceptor from collector service clients

* feat: implement gRPC client and service for collector management

* feat: implement gRPC client and service for collector management

* feat: implement gRPC client and service for collector management

* feat: remove unused GrpcInternalKeyInterceptor from collector service clients

* feat: add CollectorConfigDTO and unique server name validation

* feat: add CollectorConfigBuilder for constructing CollectorConfig from DTO

* feat: add CollectorGrpcService for managing collector operations via gRPC

* feat: update CollectorConfig validation and add CollectorService for gRPC integration

* feat: update CollectorValidatorService to use CollectorConfigDTO for validation

* feat: refactor UtmCollectorResource to use CollectorConfigDTO and CollectorOpsService

* feat: add logging to updateConfigurationKeys method in UtmModuleGroupConfigurationService

* fix(module.service): return full response body instead of filtering AS_400 module

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor(collector): simplify DTOs and enhance service methods for listing collectors

* feat(assets-view): refactor asset detail handling and improve status display

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(RequestDsl): enhance search request handling for LIST_CHART visualization

* feat(RequestDsl): enhance search request handling for LIST_CHART visualization

* feat: add updates for Windows visualizations and default time range adjustments

* feat(netflow-filter): add IANA protocol mapping and improve field processing

* feat(assets-view): refactor asset detail handling and improve status display

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(netflow-filter): add update for Netflow filter version 3.1.1 and enhance field processing

* refactor(azure-plugin): extracts event processing logic into separate functions to handle JSON format detection (array vs object)

* feat(windows-visualizations): update outdated fields in Windows visualizations and normalize field names

* feat(windows-visualizations): update field names in Windows visualizations for consistency

* feat(open-alerts): optimize open alerts handling and improve local storage updates

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(visualization-list): integrate UtmToastService for error handling in visualization fetching

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(windows-visualizations): update field names in Windows visualizations for consistency

* feat(windows-visualizations): update field names in Windows visualizations for consistency

* feat(bitdefender-gz): add renaming for log.deviceIps, log.dvchost, and log.act fields

* feat(bitdefender-visualizations): normalize field names in Bitdefender GZ visualizations

* feat(vmware-visualizations): normalize field names in VMware visualizations

* feat(bitdefender-filter): add Bitdefender GravityZone filter update with field renaming and cleanup

* feat(dashboard-render): improve dashboard loading logic and enhance error handling for filters

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: implement gRPC client and service for collector management

* feat: implement gRPC client and service for collector management

* feat: implement gRPC client and service for collector management

* feat: remove unused GrpcInternalKeyInterceptor from collector service clients

* feat: add CollectorConfigDTO and unique server name validation

* feat: add CollectorConfigBuilder for constructing CollectorConfig from DTO

* feat: add CollectorGrpcService for managing collector operations via gRPC

* feat: update CollectorConfig validation and add CollectorService for gRPC integration

* feat: update CollectorValidatorService to use CollectorConfigDTO for validation

* feat: refactor UtmCollectorResource to use CollectorConfigDTO and CollectorOpsService

* feat: add logging to updateConfigurationKeys method in UtmModuleGroupConfigurationService

* fix(module.service): return full response body instead of filtering AS_400 module

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: implement gRPC client and service for collector management

# Conflicts:
#	backend/src/main/java/com/park/utmstack/config/CollectorConfiguration.java
#	backend/src/main/java/com/park/utmstack/grpc/client/CollectorServiceClient.java
#	backend/src/main/java/com/park/utmstack/grpc/client/PanelCollectorServiceClient.java
#	backend/src/main/java/com/park/utmstack/service/collectors/CollectorOpsService.java

* feat: implement gRPC client and service for collector management

* feat: implement gRPC client and service for collector management

* feat: remove unused GrpcInternalKeyInterceptor from collector service clients

* feat: implement gRPC client and service for collector management

* feat: implement gRPC client and service for collector management

* feat: implement gRPC client and service for collector management

* feat: remove unused GrpcInternalKeyInterceptor from collector service clients

* feat: update CollectorConfig validation and add CollectorService for gRPC integration

* refactor(collector): simplify DTOs and enhance service methods for listing collectors

* feat(collector): add methods for deleting collectors and updating groups

* feat(collector): add bulk upsert functionality for collector configurations

* refactor(collector): remove unused imports and simplify error handling in UtmCollectorResource

* feat(as400): add IBM AS/400 log collector

Implement standalone collector service for IBM AS/400 systems integration with UTMStack .

* feat(pipeline): update UTMStack collector build process to include AS400 collector

* feat(ibm-as400): update filter to version 3.0.1 with enhanced JSON parsing.

* update vmware-esxi filter

* update version vmware-esxi filter

* feat(collector): enhance collector configuration management and validation

* feat(vmware-esxi-filter): add update for VMware ESXi filter with enhanced parsing and cleanup

* feat(collector): enhance save button behavior and loading state in group configuration

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor(collector): remove unused reset and update methods in utm-module-collector service

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(collector): add deleteAllConfigs method and update delete integration logic

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(collector): add deleteAllConfigs method and update delete integration logic

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor(collector): clean up UtmCollectorResource by removing unused methods and comments

* feat(collector): implement search functionality for asset groups with filtering and pagination

* refactor(collector): clean up imports and remove commented-out code in service classes

* feat(collector): enhance collector management with improved error handling and new delete audit events

* feat[shared]: create shared dependencies

* feat[installer]: remove mfa in dev environments

* refactor[agent]: restructure collector, commands, and dependency management

* chore[go-deps]: update golang dependencies

* fix(collector): update sortable column from assetIp to hostname and disable starInterval

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor(collector): streamline collector configuration and update API endpoints

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat[agent]: add macOS build pipeline and standardize binary naming

* refactor[agent]: sync updater with release/v11.2.3, remove legacy files

* fix[plugins]: add missing skipTlsVerification param to DoReq calls

* fix[ci]: correct macOS artifact paths in agent-manager build

* fix[frontend](guides): update agent guides

* fix(agent-manager): correct FilterScope to properly chain WHERE clauses and fix LIKE syntax

* feat(agent): add shell selection for command execution and fix agent registration

* fix(agent): download version.json during install before agent registration

* fix(updater,frontend): add legacy binary migration and fix agent search filter

* fix(agent): return errors from low-level packages instead of calling Fatal/Exit

* refactor[agent](collector): use fsnotify for config changes instead of polling

* feat(agent): add shell field to UtmCommand for enhanced command execution context

* feat(fortinet): update fortinet filter

* fix(filter): update IBM AS 400 filter  with enhanced JSON parsing and field mappings

* fix(filter): update IBM AS 400 filter

* chore(cleanup): remove unused integrations (Redis, Nginx, PostgreSQL, Apache, MySQL, MongoDB, Elastic, Logstash, Kibana, Kafka, NATS, Traefik, Audit, HAP, IIS, OSQuery)

* chore(cleanup): remove integrations (Redis, Nginx, PostgreSQL, Apache, MySQL, MongoDB, Elastic, Logstash, Kibana, Kafka, NATS, Traefik, Audit, HAP, IIS, OSQuery)

* feat(logstash): enhance logstash stats retrieval with improved error handling and pipeline status management

* fix(system_linux): update filter  with enhanced JSON parsing and field normalization

* feat(filter): add Linux filter update with enhanced JSON parsing and field normalization

* feat(visualization): add update for Linux visualizations to normalize field names and improve dataset consistency

* feat(windows): update windows filter

* feat(saml): enhance SAML registration with improved error handling and environment variable validation

* feat(saml): improve SAML provider loading with enhanced error handling and logging

* feat(saml): enhance SAML provider loading with improved error handling and logging

* feat(correlation): add updates for winevent correlation rules

* feat(winevent): add updates for winevent correlation rules and filter

* feat(winevent): update filter version and rename log fields for improved clarity

* feat(visualizations): update Windows visualizations to align with logstash filter v3.1.0 field transformations

* feat(import): disable back button during loading and fix spacing in upload error message

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(idp): enhance metadata URL validation with improved error handling and encryption key checks

* feat(idp): refactor encryption key handling with dedicated validation method

* feat(saml): implement SAML metadata fetching and provider loading with timeout handling

* feat(saml): enhance SAML2 login success handling with improved user not found logging and provider reloading

* feat(saml): update host retrieval in SAML2 login success handler to use X-Forwarded-Host header

* feat(saml): refactor SAML metadata fetching to improve error handling and registration building

* feat(platforms): enhance platform creation with additional Linux ARM64 support and update Windows service paths

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix(config): detect filter and rule deletions by tracking active row counts

hasChanges only checked MAX(timestamp) increases, missing deletions where
the timestamp didn't advance. Now also compares COUNT of active rows so
deactivations and hard deletes trigger config file regeneration.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Update go-sdk dependency across multiple plugins

* feat(logstash): integrate Monaco Editor for YAML filter definition and enhance form styling

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: update filter card interaction to improve usability

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(rule-view): integrate Monaco Editor for YAML editing and enhance styling

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: update Windows service paths for UTMStack agent

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(db): add unique constraint on asset_name in utm_tenant_config table

* feat(tenant-config): add findByAssetName method to retrieve UtmTenantConfig by asset name

* feat(data-input-status): add methods to retrieve data input status by source and build sources list from tenant config

* feat(data-input-status): add methods to retrieve data input status by source and build sources list from tenant config

* feat(data-input-status): add methods to retrieve data input status by source and build sources list from tenant config

* feat(data-input-status): add methods to retrieve data input status by source and build sources list from tenant config

* feat(data-input-status): add alias column and update logic for data input status

* feat: remove alert from addTag function in fields-selector component

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix: deprecate enable parameter in TFA section

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat(.gitignore): add .env file to ignore list

* fix: update winevent correlation rules

* fix: update winevent correlation rules

* fix: update bit-defender correlation rules

* fix: update deceptive-bytes correlation rules

* fix: update eset correlation rules

* fix: update kaspersky  correlation rules

* fix: update cisco-asa  correlation rules

* fix: update cisco-switch correlation rules

* fix: update cisco-firepower correlation rules

* fix: update cisco-meraki correlation rules

* fix: update cisco-meraki correlation rules

* fix: update aws correlation rules

* fix: update azure correlation rules

* fix: update google correlation rules

* feat: add crowdstrike correlation rules

* feat: add crowdstrike correlation rules

* refactor(rule-view): move and rename rule-view component files

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: add crowdstrike correlation rules

* feat: implement asset synchronization service and source activity provider

* feat: add data source validation service for critical data sources

* refactor(asset-sync): rename sync method and improve logging messages

* fix(filters): correct IP and hostname field mapping in Windows events

* feat(filters): enhance Fortinet field mapping and cleanup

* fix(agent): use net.ListenPacket for UDP port binding check

net.Listen only supports TCP, causing all UDP integrations to fail
with "port already in use by another process" error. Now using
net.ListenPacket for UDP protocol validation.

* feat(macos): update filter to version 3.0.1 and rename fields for consistency

* feat: enhance asset synchronization by resolving asset names from tenant configuration

* fix: update fortigate and windows filter

* feat: enhance configuration saving logic with support for multiple groups

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix(asset-sync): adjust scheduling parameters for data synchronization

* fix: remove duplicate imports in int-generic-group-config component

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: implement password reset functionality with expiration handling and logging

* feat: implement password reset functionality with expiration handling and logging

* feat: implement password reset functionality with expiration handling and logging

* feat: update layout for password reset component

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance password reset logic to handle missing key scenario

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: improve password reset feedback and add back to login button

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* chore: fix conflicts

* feat: update UTMStack deployment pipeline to build and upload AS400 collectors

* refactor(as400): reorganize logservice package and improve log processing logic

* fix: update path for AS400 collector JAR in deployment pipeline

* fix: correct updater service name in DownloadUpdater function

* feat: update AS400 installation instructions and add pre-installation requirements

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix(as400): update  service path to include 'as400' in InstallUpdater and UninstallUpdater functions

* feat: add SAML2 proxy configuration for authentication

* fix: improve installation and uninstallation scripts for AS400 collector

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix(as400): correct REPLACE_KEY declaration

- Change REPLACE_KEY from const to var to allow -ldflags -X injection

* fix: handle null return case in saveCollector method

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* refactor: update FileFieldEnum values for consistency with new logging format

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* feat: enhance module deletion process with event processing and DTO mapping

* feat: implement deleteAndFetch method for module group deletion with event processing

* refactor(crowdstrike): migrate from polling to real-time event streaming

- Replaced polling-based event collection with real-time streaming architecture
- Implemented persistent stream management with automatic reconnection
- Added dynamic configuration reloading with live stream updates
- Introduced per-stream offset tracking to prevent duplicate events

* fix: uncomment admin authority container in management sidebar

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>

* fix[backend](data-sources): fixed data sources variable source selection on filter

* fix[frontend](o365_integration_guide): removed unneeded steps and signalized security indications about storing certificates

* changeset[backend](rules): added 'Windows Token Manipulation' removal change set'

* feat(filters/azure): add WAF properties and client connection field mappings

* feat(filters/crowdstrike): refactor field mappings and add detection support

* feat(filters/filebeat): add CPU and memory usage fields for systemd units

* feat(filters/o365): integrate geolocation plugin for origin IP enrichment

* changeset[backend](rules): updated croudstrike rules changelog

* changeset[backend](filters): updated o365, crowdstrike, system_linux and azure filters

* fix[backend](filters): fixed azure filter definition

* fix[backend](filters): fixed crowdstrike filter definition

* fix[backend](filters): fixed filebeat linux filter

* fix[backend](filters): fixed o365 linux filter

* changeset[backend](filters): added ibm_as400 filter changeset

* fix[backend](filters): fixed as400 and azure syntax errors

* update windows-events filter

* update windows-events filter

* changeset[backend](window rule): removed 'Windows: Execution of Persistent Suspicious Program'

* changeset[backend](windows filter): updated windows filter changeset

* Update Go SDK

* update windows-events filter

* chanelog[frontend](window_filter): updated windows filter

* fix[frontend](file_classification): setted action mask to a decimal integer

* fix[frontend](file_classification): fixed event fields and names to fit filters

* fix[frontend](file_classification): fixed access mask enum type setted to numeric values and matched to hex on filter show

* fix[frontend](file_classification): fixed overflow and scroll on tabular view

* fix[frontend](file_classification): sync scroll with logexplorer one

* fix[frontend](cisco-switch-int-guide): changed cisco switch int guide command 'cisco' by 'cisco-switch'

* fix[frontend](cisco-int-guide): added right data type names on cisco integrations

* fix[frontend](collector): fixed collector details endpoint call

* fix[backend](collector): fixed collission path error on asset-group (PUT) and asset-groups (GET)

* fix[frontend](collector): fixed collection groups endpoint name

* changeset[backend](windows dll filter): removed rundll32 no arguments and abuse rule

* update microsoft365 filter

* changeset[backend](o365 filter): updated o365 filter

* fic[backend](changeset): fixed o365 filter changeset '

* fix(as400): resolve installation and config handling issues

- Add DEBIAN_FRONTEND=noninteractive to prevent apt hanging during Java install
- Filter Log4j2 INFO/DEBUG messages from stderr to avoid false error logs
- Allow empty server configuration when all configs are removed from panel
- Stop JAR process and remove config file when no servers are configured

* fix[backend](o365_filter_changeset): fixed xml parsing error

* update azure-eventhub filter

* changeset[backend](azure): updated azure event hub filter

---------

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
Co-authored-by: Manuel Abascal <mjabascal10@gmail.com>
Co-authored-by: JocLRojas <joc.l.rojas02@gmail.com>
Co-authored-by: Yadian Llada Lopez <yadian.llada@gmail.com>
Co-authored-by: Osmany Montero <osmontero@icloud.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: AlexSanchez-bit <sanchez.saez.alex01@gmail.com>
Co-authored-by: Alex Sánchez <alessq732@gmail.com>
Co-authored-by: Alex Sánchez <alex.sanchez@utmstack.com>

Author: 7 people

.github/workflows/v11-deployment-pipeline.yml

@@ -310,18 +310,29 @@ jobs:
       - name: Check out code into the right branch
         uses: actions/checkout@v4
 
-      - name: Build UTMStack Collector
+      - name: Build UTMStack Collectors
         run: |
           echo "Building UTMStack Collector..."
           cd ${{ github.workspace }}/utmstack-collector
 
           GOOS=linux GOARCH=amd64 go build -o utmstack_collector -v -ldflags "-X 'github.com/utmstack/UTMStack/utmstack-collector/config.REPLACE_KEY=${{ secrets.AGENT_SECRET_PREFIX }}'" .
 
+          echo "Building UTMStack AS400 Collector..."
+
+          cd ${{ github.workspace }}/as400
+          GOOS=linux GOARCH=amd64 go build -o utmstack_as400_collector_service -v -ldflags "-X 'github.com/utmstack/UTMStack/as400/config.REPLACE_KEY=${{ secrets.AGENT_SECRET_PREFIX }}'" .
+
+          cd ${{ github.workspace }}/as400/updater
+          GOOS=linux GOARCH=amd64 go build -o utmstack_as400_updater_service -v .
+
       - name: Upload collector binary as artifact
         uses: actions/upload-artifact@v4
         with:
-          name: utmstack-collector
-          path: ${{ github.workspace }}/utmstack-collector/utmstack_collector
+          name: utmstack-collectors
+          path: |
+            ${{ github.workspace }}/utmstack-collector/utmstack_collector
+            ${{ github.workspace }}/as400/utmstack_as400_collector_service
+            ${{ github.workspace }}/as400/updater/utmstack_as400_updater_service
           retention-days: 1
 
   build_agent_manager:
@@ -339,10 +350,10 @@ jobs:
           name: signed-agents
           path: ${{ github.workspace }}/agent
 
-      - name: Download UTMStack Collector from artifacts
+      - name: Download UTMStack Collectors from artifacts
         uses: actions/download-artifact@v4
         with:
-          name: utmstack-collector
+          name: utmstack-collectors
           path: ${{ github.workspace }}/utmstack-collector
 
       - name: Download signed macOS agents from artifacts
@@ -357,12 +368,16 @@ jobs:
           GOOS=linux GOARCH=amd64  go build -o agent-manager -v .
 
           mkdir -p ./dependencies/collector
-          curl -sSL "https://storage.googleapis.com/utmstack-updates/dependencies/collector/linux-as400-collector.zip" -o ./dependencies/collector/linux-as400-collector.zip
-          curl -sSL "https://storage.googleapis.com/utmstack-updates/dependencies/collector/windows-as400-collector.zip" -o ./dependencies/collector/windows-as400-collector.zip
-
-          cp "${{ github.workspace }}/utmstack-collector/utmstack_collector" ./dependencies/collector/
+          cp "${{ github.workspace }}/utmstack-collector/utmstack-collector/utmstack_collector" ./dependencies/collector/
           cp "${{ github.workspace }}/utmstack-collector/version.json" ./dependencies/collector/
 
+          mkdir -p ./dependencies/collector/as400
+          curl -sSL "https://storage.googleapis.com/utmstack-updates/dependencies/collector/as400-collector.jar" -o ./dependencies/collector/as400/as400-collector.jar
+
+          cp "${{ github.workspace }}/as400/version.json" ./dependencies/collector/as400/
+          cp "${{ github.workspace }}/utmstack-collector/as400/utmstack_as400_collector_service" ./dependencies/collector/as400/
+          cp "${{ github.workspace }}/utmstack-collector/as400/updater/utmstack_as400_updater_service" ./dependencies/collector/as400/
+
           mkdir -p ./dependencies/agent/
 
           # Linux agents
@@ -405,6 +420,7 @@ jobs:
         with:
           context: ./agent-manager
           push: true
+          provenance: false
           tags: ghcr.io/utmstack/utmstack/agent-manager:${{ needs.setup_deployment.outputs.tag }}
 
   build_event_processor:
@@ -460,6 +476,7 @@ jobs:
           context: .
           file: ./event_processor.Dockerfile
           push: true
+          provenance: false
           tags: ghcr.io/utmstack/utmstack/eventprocessor:${{ needs.setup_deployment.outputs.tag }}
           build-args: |
             BASE_IMAGE=ghcr.io/threatwinds/eventprocessor/base:${{ needs.setup_deployment.outputs.event_processor_tag }}

as400/README.md

@@ -0,0 +1,50 @@
+# UTMStack AS400 Collector
+
+Log collection service for IBM AS/400 (iSeries) systems that integrates with the UTMStack platform for security analysis and event correlation.
+
+## General Description
+
+UTMStack AS400 Collector is a service written in Go that acts as a bridge between IBM AS/400 systems and the UTMStack platform. The service is installed on an intermediate server, connects to multiple remotely configured AS/400 systems, collects security logs, and transmits them in real-time to the UTMStack server for analysis.
+
+### Key Features
+
+- **Multi-Server Collection**: Support for multiple AS/400 systems simultaneously
+- **Remote Configuration**: Management of AS/400 servers from the UTMStack panel via gRPC streaming
+- **Local Persistence**: Temporary log storage in SQLite to ensure delivery in case of network failures
+- **Auto-Updates**: Automatic update service included
+- **Automatic Reconnection**: Robust handling of disconnections with automatic retries
+- **Configurable Retention**: Control of local database size by retention in megabytes
+- **Security**: AES encryption for credentials and TLS communication with the server
+
+## Requirements
+
+- **Operating System**: Linux (recommended)
+- **Connectivity**: Network access to:
+    - UTMStack server (ports 9000, 9001, 50051)
+    - AS/400 systems to monitor
+- **Java**: Installed automatically during installation
+- **Privileges**: Administrator/root permissions to install the service
+
+### Installation Process
+
+1. Verify connectivity with the UTMStack server
+2. Download dependencies (collector Java JAR, updater)
+3. Install Java Runtime if necessary
+4. Register the collector with UTMStack's Agent Manager
+5. Create and enable the system service
+6. Install the auto-update service
+
+## Configuration of AS/400 Servers
+
+Configuration of AS/400 servers to monitor is performed **from the UTMStack panel**, not locally. The collector automatically receives configuration.
+
+### Parameters per Server
+
+- **Tenant**: Identifier name of the group/server
+- **Hostname**: IP address or hostname of the AS/400
+- **User ID**: Connection user to the AS/400
+- **Password**: Password (automatically encrypted)
+
+## License
+
+This project is part of UTMStack. Consult the main project license for more information.