search

wazuh / wazuh-installation-assistant

Wazuh - Installation assistant
https://wazuh.com/
GNU General Public License v2.0
0 stars 3 forks source link

Token variable is empty in manager check #44

Closed davidcr01 closed 1 month ago

davidcr01 commented 1 month ago

Description

Related:

In the #20 and https://github.com/wazuh/wazuh-virtual-machines/issues/20, we have observed that the Wazuh AIO installation is failing:

  "30/08/2024 09:55:12 INFO: Starting service wazuh-manager.",
  "Created symlink from /etc/systemd/system/multi-user.target.wants/wazuh-manager.service to /usr/lib/systemd/system/wazuh-manager.service.",
  "30/08/2024 09:55:23 INFO: wazuh-manager service started.",
  "30/08/2024 09:55:23 INFO: Checking Wazuh API connection",
  "30/08/2024 09:55:23 ERROR: Wazuh API connection Error. ",
  "wazuh-clusterd not running...",
  "wazuh-modulesd is running...",
  "wazuh-monitord is running...",
  "wazuh-logcollector is running...",
  "wazuh-remoted is running...",
  "wazuh-syscheckd is running...",
  "wazuh-analysisd is running...",
  "wazuh-maild not running...",
  "wazuh-execd is running...",
  "wazuh-db is running...",
  "wazuh-authd is running...",
  "wazuh-agentlessd not running...",
  "wazuh-integratord not running...",
  "wazuh-dbd not running...",
  "wazuh-csyslogd not running...",
  "wazuh-apid is running...",
  "30/08/2024 09:55:23 INFO: --- Removing existing Wazuh installation ---",

[!NOTE] This behavior seems to be random, and independent from the chosen OS.

After debugging this problem, we have detected that the TOKEN variable used to call the Wazuh API to check the status is empty:

++ curl -k -s -X GET 'https://127.0.0.1:55000/agents/outdated?pretty=true' -H 'Authorization: Bearer '\n+ wm_error=\n+ [[ '' =~ \"error\": 0 ]]\n+ common_logger -e 'Wazuh API connection Error

Probably, it has no value because the assistant calls the API immediately after starting the manager, and surely the API is not yet ready to receive requests, the TOKEN remains empty and the Wazuh API check fails.

Approach

A possible workaround is to ensure that the TOKEN variable is not empty before calling the Wazuh API, and perform several calls to the API to fetch the TOKEN until the Wazuh API is ready.