Fix disparity between scan by events and re-scans - Githubissues

wazuh / wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

https://wazuh.com/

Other

9.34k stars 1.48k forks source link

Fix disparity between scan by events and re-scans #23339

Closed MiguelazoDS closed 1 week ago

MiguelazoDS commented 1 week ago

Related issue
#23327

Description

This PR adds the necessary changes to prevent disparity between scans by events and scans when the information is queried from Wazuh-DB

The issue is that the information required when populating the event details was not consulted in the wazuh-db query.

Logs/Alerts example

Vulnerabilities scan by events

vulnerabilities.json

Vulnerabilities rescan

2024/05/08 11:46:18 wazuh-modulesd:vulnerability-scanner[25493] vulnerabilityScannerFacade.cpp:217 at vulnerabilityScannerPolicyChange(): DEBUG: Perform re-scan after reboot

vulnerabilities.json

Cmocka server UTs

Due to an inconvenience with the Jenkins Job, we ran it locally.

Compilation without warnings in every supported platform
- [x] Linux
[x] Source installation

sebasfalcone commented 1 week ago

[!NOTE] The failing Cmocka test was run locally (see PR body)

The failure was due to lack of resources on the runner