TopHatProductions115new
commented
1 week ago Currently testing the following change(s):
Default settings are way lower for JVM, iirc. Is it less than 1GB for many systems? I could be wrong...
Open TopHatProductions115new opened 1 week ago
TopHatProductions115new
commented
1 week ago Currently testing the following change(s):
Default settings are way lower for JVM, iirc. Is it less than 1GB for many systems? I could be wrong...
TopHatProductions115new
commented
1 week ago The previous changes appear to have worked. I'll leave this here, in case anyone else needs it.
I've been attempting to use Wazuh for a while. But, I've never been able to keep a single instance functional for long-term use.
With each attempt, I used the installation guide listed here (for the latest version available at the time):
I made any configuration changes that I needed (change password, apply certificates, etc.) to complete the initial setup. After setup, I can see connected agents and their metrics, security suggestions, etc. After having checked container logs (through Portainer), everything seems to be fine.
I then check back for the next few days, and nothing appears to be wrong. I change no settings after initial setup.
But when I come back weeks (or even months) later, the service either no longer starts or doesn't accept my username/password.
My latest attempt was with Wazuh 4.8.0. While I would like to move to 4.9.X, I'm wondering if I'll run into this same issue again.
The host that the containers are running on:
For this attempt, I saw the following from the container logs for the Indexer:
and this from the Dashboard's container logs:
After a quick search online (for the first screenshot), I saw some posts stating that it may be a JVM memory issue (potentially running out of memory?) -- which led me to these:
Am I on the right track? Is my instance configured incorrectly? How should I proceed?