sempervictus
commented
1 year ago Thanks for linking this @vikman90 - just to clarify a bit, is the determination to show the agent's address as IPv6 happening in Kibana, or is this specifically the task to deal with the visual representation of that selected address? All for getting the aesthetics worked out, just want to make sure the functional aspect of agent/framework interactions is not lost in the churn given that rules and scripts can depend on that address being IPv4.
vikman90
Description When listing agents in the wazuh-dashboard, in a lot of cases the dashboard will list the link-local IPv6 address of the node.
IPv6 link-local addresses are the most meaningless addresses of a host, since they are only valid on a local subnet, and must be used/accompanied with the corresponding interface index for the link-local address to be meaningful.
Preconditions
Wazuh agent has IPv6 support.
Steps to reproduce
Expected Result
Wazuh dashboard should probably order the host addresses, and list/show the address with the highest priority. Priorities could be, for example,:
If a system has multiple addresses, the dashboard should show one with the highest priority in the sample list above.
Actual Result
Wazuh dashboard quite often shows the IPv6 link-local address of the host.