Closed gg-chrisd closed 5 years ago
Hello Chris,
Thank you for your kind words.
Since you are running your Wazuh API behind the load balancer, I suggest changing the API config.js file to account for it. By default, in line 16, config.BehindProxyServer is set to "no"; you should set it to "yes". By default, you can find config.js in the path /WAZUH_HOME/api/configuration/config.js
//In case the API run behind a proxy server, turn to "yes" this feature. Values: yes, no.
config.BehindProxyServer = "no";
With this change, and after restarting the API, running the original script should get the agent properly registered.
I hope this solution works for you. Please do not hesitate to get back to us with any issues you might find.
Best regards,
David J. Iglesias
We have our Wazuh API behind an AWS Application Load Balancer and when I use the PowerShell script you've kindly provided here: https://raw.githubusercontent.com/wazuh/wazuh-api/3.8/examples/api-register-agent.ps1, the Agent is registered with one of the private IPs of the load balancer, instead of the Agent host IP.
This causes the Agent to never connect and registering further agents is also a problem, as they conflict.
I've solved this by adding a variable in the configuration section that grabs the host's IP address (if there are multiple network cards, it picks the one with a default gateway):
$host_ip = ( Get-NetIPConfiguration | Where-Object { $_.IPv4DefaultGateway -ne $null -and $_.NetAdapter.Status -ne "Disconnected" } ).IPv4Address.IPAddress
and then updated the line below to send the IP address in the API call.
$response = req -method "POST" -resource "/agents" -params @{name=$agent_name;ip=$host_ip} | ConvertFrom-Json
Not sure if this is of interest or if you could incorporate something similar into your script but thought I'd share my experience.
Thanks for such a great tool!
Chris
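The thread above is about an agent being registered with the load balancer's private address instead of its own. As an added illustration (not Wazuh API code, and not a description of how config.BehindProxyServer is implemented), the following Node.js example shows how a service behind a balancer can recover the caller's address from the X-Forwarded-For header that an AWS Application Load Balancer appends to. The subnets, addresses and function names are constructed for the example, and only IPv4 is handled.

```javascript
// Added example, not Wazuh API code; all names and addresses are constructed.

// Dotted-quad IPv4 -> unsigned 32-bit integer, or null if malformed.
function ipv4ToInt(ip) {
  const parts = String(ip).trim().split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

// True if ip lies inside an IPv4 CIDR block such as "10.0.1.0/24".
function inCidr(ip, cidr) {
  const [base, bits] = cidr.split('/');
  const ipN = ipv4ToInt(ip), baseN = ipv4ToInt(base);
  if (ipN === null || baseN === null) return false;
  const size = 2 ** (32 - Number(bits === undefined ? 32 : bits));
  return Math.floor(ipN / size) === Math.floor(baseN / size);
}

const isTrusted = (ip, cidrs) => cidrs.some((c) => inCidr(ip, c));

// peerIp: address of the TCP peer; xff: X-Forwarded-For value or undefined.
function resolveClientIp(peerIp, xff, trustedCidrs) {
  // A peer outside the balancer subnets is the client itself: ignore the header.
  if (!isTrusted(peerIp, trustedCidrs)) return peerIp;
  const hops = (xff || '').split(',').map((s) => s.trim()).filter(Boolean);
  // Rightmost entries were appended by our own proxies; walk right to left
  // and return the first address that is not one of them.
  for (let i = hops.length - 1; i >= 0; i--) {
    if (ipv4ToInt(hops[i]) === null) break; // malformed entry: fall back
    if (!isTrusted(hops[i], trustedCidrs)) return hops[i];
  }
  return peerIp; // no usable header: the balancer's own address
}

// Constructed sample: balancer subnets and three requests.
const LB_SUBNETS = ['10.0.1.0/24', '10.0.2.0/24'];
console.log(resolveClientIp('10.0.1.57', undefined, LB_SUBNETS));
console.log(resolveClientIp('10.0.1.57', '192.0.2.1, 203.0.113.20', LB_SUBNETS));
console.log(resolveClientIp('198.51.100.9', '10.9.9.9', LB_SUBNETS));
```

The first call reproduces the symptom from the issue: with no forwarded header taken into account, the only address available is the balancer's. The header is honoured only when the TCP peer is inside the balancer's subnets, because a directly connected client controls its own X-Forwarded-For value.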