Closed Afilsi closed 4 years ago
Hello @Afilsi ,
The problem may be related to a bug in vulnerability detector, the Redhat feed database made a change and that caused the error in our module.
If you can update your version of Wazuh, I recommend that you install the new version 3.12.2, where this problem is solved.
If this is not possible, try this workaround:
For your version, and Wazuh versions after 3.11, inside your vulnerability configuration do this for the RedHat feed:
<provider name="redhat">
<enabled>no</enabled>
</provider>
Then restart your Wazuh manager:
systemctl restart wazuh-manager
Please make sure the manager is properly working afterwards.
In the future, we will use our own feed and we will not depend on any external resources, avoiding problems like this one. Also, we are working on increasing the resilience of the product.
Apologies for the inconvenience and do not hesitate to contact us if you have further problems.
Regards,
Hello @juankaromo , Thank you very much for your quick answer! Indeed, disabling the RedHat stream allows us to restart the systems. This was our priority, but we are trying to update the solution in the coming days. Thanks again.
Regards, Afilsi
hi my version of wazuh is 4.1 and i am still experiencing the same problem. I already turned off the vulnerability scan for redhat as advised but im still having error. here is my /var/ossec/logs if it helps
2021/05/10 08:06:22 ossec-syscheckd: INFO: (1225): SIGNAL [(15)-(Terminated)] Re ceived. Exit Cleaning... 2021/05/10 08:06:22 ossec-analysisd[157625] sig_op.c:49 at HandleSIG(): INFO: (1 225): SIGNAL [(15)-(Terminated)] Received. Exit Cleaning... 2021/05/10 08:06:22 ossec-execd: INFO: (1225): SIGNAL [(15)-(Terminated)] Receiv ed. Exit Cleaning... 2021/05/10 08:06:22 wazuh-db: INFO: (1225): SIGNAL [(15)-(Terminated)] Received. Exit Cleaning... 2021/05/10 08:06:23 ossec-authd: INFO: (1225): SIGNAL [(15)-(Terminated)] Receiv ed. Exit Cleaning...
disabling Redhat Worked for me, but i needed it specifically for Redhat. anything I can do for this?
Hello, I have Wazuh installed in a server and he worked perfectly for somes day, but now I have this error:
I have try to restart all services, reboot the server, but the error is still present... I have no idea of what is the problem....
systemctl status wazuh-manager
systemctl status wazuh-api
systemctl status elasticsearch
systemctl status filebeat
systemctl status kibana
cat /usr/share/kibana/plugins/wazuh/package.json
curl -u "user:password" "localhost:55000/?pretty"
curl localhost:9200/
cat /usr/share/kibana/plugins/wazuh/wazuh.yml