Closed crlsgms closed 4 months ago
What I have done for now to mitigate this and continue the deploy, was to get the older .conf files from v4.7.3 zip file as they have the old configs without the indexer block, and with the old vulnerability-detector element.
That leads to another error, but the wazuh-manager service running.
<!-- Aggregate vulnerabilities -->
<provider name="nvd">
<enabled>yes</enabled>
<update_from_year>2010</update_from_year>
<update_interval>1h</update_interval>
</provider>
it claims when goes up that the update_from_year is not valid
Hello @crlsgms
For 4.8
we have implemented the new Vulnerability Detection
functionality, which replaces the current Vulnerability Detector
within Wazuh manager
.
Regarding the steps to upgrade from 4.7.x
to 4.8.0
, they will be added to our documentation at the time of release.
Regarding the change you say, that is only the Vulnerablity Detection
usage tag, in addition to that it is necessary to add several additional parameters, which are necessary for Vulnerability Detection
to work correctly, so that change alone would not help Vulnerability Detection
works, they would only correct the error that occurs when starting Wazuh manager
and finding a tag not supported by the version.
does that means that 4.7.3 will not work, and only on 4.8.x?
Is there a way to fix this anyhow for the current deployment to get the manager service working properly?
The configuration in Vulnerability Detector
belongs to v4.7.3
and the Vulnerability Detection
configuration belongs to v4.8.0
, until you update to v4.8.0
you should not change the configuration that v4.7.3
brings, you should reconfigure the Vulnerability Detector
configuration in your Wazuh manager.
I'm using 4.7.3 version, got from the infos from here - kubernetes local deployment
I had too many errors on 4.7.4, so got the last stable version, but comparing both master.conf and worker.conf, on wazuh-kubernetes/wazuh/wazuh_managers/wazuh_conf I noticed that the fixed version #20581 for 4.7.8 has some conflicts with the available package on wazuh-kubernetes.git, that I could be fixed on the current instructions for deployment, or update docs/ versions on the .git package.
one is easy to solve, just replace on both .conf files the values for the old element:
but the Indexer element issue still happens, as the .git package has the and 4.7.3 cannot interpret the element, blocking the wazuh-manager service to start.