Release 4.8.0 - RC 1 - Footprint Metrics - MACOS-SOLARIS (2.5d)

[wazuhci]

Footprint metrics information

Main release stage issue #	#23246
Main footprint metrics issue #	#23254
Version	4.8.0
Release stage #	RC 1
Tag	https://github.com/wazuh/wazuh/tree/v4.8.0-rc1

Stress test documentation

Packages used

• Repository: packages-dev.wazuh.com

• Package path: pre-release

• Package revision: 1

• Jenkins build: https://ci.wazuh.info/job/Test_stress_Vagrant/208/

---

Manager

+

Plots

              

• Logs and configuration

  [ossec_Test_stress_Vagrant_B208_manager_2024-05-06.zip](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_manager_centos/logs/ossec_Test_stress_Vagrant_B208_manager_2024-05-06.zip)
• CSV

  [monitor-manager-Test_stress_Vagrant_B208_manager-pre-release.csv](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_manager_centos/data/monitor-manager-Test_stress_Vagrant_B208_manager-pre-release.csv) [Test_stress_Vagrant_B208_manager_analysisd_events.csv](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_manager_centos/data/Test_stress_Vagrant_B208_manager_analysisd_events.csv) [Test_stress_Vagrant_B208_manager_analysisd_state.csv](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_manager_centos/data/Test_stress_Vagrant_B208_manager_analysisd_state.csv) [Test_stress_Vagrant_B208_manager_remoted_state.csv](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_manager_centos/data/Test_stress_Vagrant_B208_manager_remoted_state.csv)

Centos agent

+

Plots

• Logs and configuration
• CSV

Ubuntu agent

+

Plots

• Logs and configuration
• CSV

Windows agent

+

Plots

• Logs and configuration
• CSV

macOS agent

+

Plots

        

• Logs and configuration

  [ossec_Test_stress_Vagrant_B208_macos_2024-05-06.zip](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_agent_macos/logs/ossec_Test_stress_Vagrant_B208_macos_agent_2024-05-06.zip)
• CSV

  [monitor-agent-Test_stress_Vagrant_B208_macos_agent-pre-release.csv](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_agent_macos/data/monitor-agent-Test_stress_Vagrant_B208_macos_agent-pre-release.csv) [Test_stress_Vagrant_B208_macos_agent_agentd_state.csv](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_agent_macos/data/Test_stress_Vagrant_B208_macos_agent_agentd_state.csv)

Solaris agent

+

Plots

        

• Logs and configuration

  [ossec_Test_stress_Vagrant_B208_solaris_2024-05-06.zip](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_agent_solaris/logs/ossec_Test_stress_Vagrant_B208_solaris_agent_2024-05-06.zip)
• CSV

  [monitor-agent-Test_stress_Vagrant_B208_solaris_agent-pre-release.csv](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_agent_solaris/data/monitor-agent-Test_stress_Vagrant_B208_solaris_agent-pre-release.csv) [Test_stress_Vagrant_B208_solaris_agent_agentd_state.csv](https://ci.wazuh.com/data/Test_stress_Vagrant/pre-release/4.8.0/B208-3600m/B208_agent_solaris/data/Test_stress_Vagrant_B208_solaris_agent_agentd_state.csv)

Conclusion :yellow_circle:

Plots compared to 4.7.4-RC2

Logs :yellow_circle:

Known issues:

• https://github.com/wazuh/wazuh-jenkins/issues/4867
• https://github.com/wazuh/wazuh-jenkins/issues/5538
• https://github.com/wazuh/wazuh/issues/22565
• https://github.com/wazuh/wazuh-jenkins/issues/4481
• https://github.com/wazuh/wazuh/issues/9311
• https://github.com/wazuh/wazuh-jenkins/issues/4469
• https://github.com/wazuh/wazuh/issues/21297
• https://github.com/wazuh/wazuh/issues/17596

Graphs :yellow_circle:

Known issues:

• https://github.com/wazuh/wazuh/issues/22601
• https://github.com/wazuh/wazuh/issues/22841

[santipadilla]

Analysis report :yellow_circle:

Logs :yellow_circle:

macOS

- Reported in https://github.com/wazuh/wazuh-jenkins/issues/4867 - Known issue ``` 2024/05/03 15:33:56 wazuh-agentd ERROR: (1216): Unable to connect to '[172.31.5.169]:1514/tcp': 'Connection refused'. 2024/05/06 03:36:15 wazuh-agentd ERROR: (1137): Lost connection with manager. Setting lock. 2024/05/06 03:36:25 wazuh-syscheckd WARNING: Process locked due to agent is offline. Waiting for connection... 2024/05/06 03:36:15 wazuh-agentd ERROR: Connection socket: Operation timed out (60) 2024/05/04 03:34:50 wazuh-agentd ERROR: Connection socket: Connection reset by peer (54) ``` - Reported in https://github.com/wazuh/wazuh-jenkins/issues/5538 - Known issue ``` [2024-05-03_21:35:11] [WARNING] Error reading /var/ossec/logs/ossec.log: [Errno 2] No such file or directory: '/var/ossec/logs/ossec.log'\n ```

Manager

- Expected in stress test ``` 2024/05/03 15:23:04 wazuh-logcollector WARNING: Target 'agent' message queue is full (1024). Log lines may be lost. 2024/05/06 00:00:11 sca WARNING: Interval overtaken. 2024/05/04 21:24:54 wazuh-remoted WARNING: Message queue is full (10). Events may be lost. ``` - Reported in: https://github.com/wazuh/wazuh/issues/22565 - Known issue ``` 2024/05/03 15:22:00 indexer-connector WARNING: IndexerConnector initialization failed for index 'wazuh-states-vulnerabilities', retrying until the connection is successful. 2024/05/03 15:22:00 indexer-connector WARNING: No username and password found in the keystore, using default values. 2024/05/03 15:23:12 indexer-connector WARNING: Failed to sync agent '000' with the indexer. ``` - Reported in https://github.com/wazuh/wazuh-jenkins/issues/4481 - Known issue ``` 2024/05/06 00:21:13 wazuh-modulesd:azure-logs ERROR: azure-activity: Returned error code: '1'. ``` - Reported in https://github.com/wazuh/wazuh/issues/9311 - Known issue ``` 2024/05/03 15:34:02 wazuh-modulesd:oscap ERROR: Internal error. Exiting... ``` - Reported in https://github.com/wazuh/wazuh-jenkins/issues/4469 - Known issue ``` 2024/05/03 15:34:02 wazuh-modulesd:ciscat WARNING: No evals defined. Exiting... ``` - Reported in https://github.com/wazuh/wazuh/issues/21297 - Known issue ``` 2024/05/04 03:34:54 wazuh-remoted WARNING: (1404): Authentication error. Wrong key or corrupt payload. Message received from agent '002' at 'any'. ``` - Reported in: https://github.com/wazuh/wazuh/issues/17596 - Known issue ``` 2024/05/04 03:34:54 wazuh-remoted WARNING: Too big message size from socket [30]. 2024/05/04 03:34:54 wazuh-remoted WARNING: Unexpected message (hex): '5aff71ffff60ffffff1823ff60ff59137eff40ffffffff02ff1d20ffffff54ffffffffff24ffff09ffff7effffffff10134166ff23ff54ffff3affff79ff2519ff694b32ff5732ff4affff5d0e0c1a3e613fffffff22ff4609ffffffff0032ffff26ff77ff00ffffffffff45ffff78792e00ff62ffffff23ff6cff0100002130303221234145533affff79ff1966631eff14ff2d23ffffffffffffffff0b1e072f4849ffffff44ff693dff07ffffff382cff7b194eff693168ffff6a0a5b6846256cff2dffff09ff4cff5727ffffff6344ffffff566e7c10ffff4858ffffff3926ff752042ff45ff1f483fff3cffffff69ffffffff3dffffff0bff7fffff1dff542aff50ffffffff02ffffff0355ff02ffff0eff4f55ffff3cff44ff33ff4b18333bffff711c63ffffffffffffff3e143a25ffff3fffffffffff53ffff66ff39ffff6fff2055ffffff635cff0fff4d07ff151affffffff3aff78ffff2e7376ff7fffffffff62ffffffffffffff7c30ffffff0e47ffffffffffffff32554423ff652504ff5dffffff620fffff2f53ffffffffff27ff54ffffff3bff3f19ff617266ff0cffffff1fffff42ffff345f3132ffff5c5cff76ffff1b59ff0fff0b50ffffffff225529ffff18ffff33ff02ffffff38ff5855ff513c4e6dff14ffff715f551eff1f02ff7eff70ff53ffffffffff2bff7dffffffff4c24ff2eff5053ffff644b292c62ffffffffff7077ff2d1eff45ff6dffff0affffffff5fffff1b14ff29ff230c712542ff75ffffffff0033ffff377534ffff2b34ff0100002130303221234145533aff774425ff07ffffffffffff426bffff5923ff302f3e3d1affffffff132650ffffff275affffffffff5511ffff14ffff25651bff006effff2fffffffffffffffff142cff4effffffffffff34125a3675ffff5733ff0304ffff0a56ffff4747ffff31ffffffff75ffff2bff39ffffff32ffffffffff0d102fff6bff64ffff21477affff7615ffff00ffff2a2a74761678ff1b270affffffff190affffff2706ffff25ffff30ffffff3e59ffffffffff7eff4dff74ff303954ff5effff5d50ff41ff767b29ffff0bffff17ffffffffff446e0072ff1dffff6d71ff0b30ffffff38ff46547f1f68254e5742ff30ff38ff611fff4049ffff40ffff360dffffffff2602ffffffffff11ff4dff4526ffffffff06ffff6f1e1b526d5a6cffff46227a2dffff2c0eff67084eff0affff11ff35ffffffff45ffffffff4fffffff38ffffff05546b62607bffff6affff7dffff2c04ffffff72ffff76ffffff420dffffffffffffff39ffffffff7d3d31580aff0effff0707ffffffffff1563ff400e5bffffff5fff51ff7cff3132ff33ffff0304266c13ff01ff20225f15ff2fff7d612e63ffffff720f2aff0aff5f696aff43ff19ff4bff35ff2811ff70ff' ```

Solaris

- Reported in https://github.com/wazuh/wazuh-jenkins/issues/4867 - Known issue ``` 2024/05/03 15:33:49 wazuh-agentd ERROR: (1137): Lost connection with manager. Setting lock. 2024/05/03 15:33:49 wazuh-agentd ERROR: (1216): Unable to connect to '[172.31.5.169]:1514/tcp': 'Connection refused'. 2024/05/03 15:33:49 wazuh-syscheckd WARNING: Process locked due to agent is offline. Waiting for connection... ``` - Reported in https://github.com/wazuh/wazuh-jenkins/issues/4469 - Known issue ``` 2024/05/03 15:28:08 wazuh-modulesd:ciscat WARNING: No evals defined. Exiting... ```

Graphs :yellow_circle:

Manager

Disk: decrease of modulesd

Disk_read: small increase of monitord and modulesd. Increase of syscheckd, but if we compare Read_ops plot, as indicated in:

• https://github.com/wazuh/wazuh/issues/22601#issuecomment-2029316526, the pattern is the same.

FD, VMS: small increase of wazuh-db, modulesd, and remoted.

PSS, RSS, USS: increase of modulesd.

• Known issue: https://github.com/wazuh/wazuh/issues/22841

macOS

VMS, RSS: decrease of modulesd (similar to 4.7.2 and 4.7.1).

Solaris

No abnormalities were found

[juliamagan]

LGTM