Closed davidjiglesias closed 4 months ago
NOTE: Enable Vulnerability Detection on Wazuh Server.
On the manager side:
2024/05/24 20:47:08 wazuh-modulesd:vulnerability-detector: INFO: (5431): Starting vulnerability scan.
2024/05/24 20:47:08 wazuh-modulesd:vulnerability-detector: INFO: (5450): Analyzing agent '000' vulnerabilities.
2024/05/24 20:47:08 wazuh-modulesd:vulnerability-detector: INFO: (5471): Finished vulnerability assessment for agent '000'
2024/05/24 20:47:08 wazuh-modulesd:vulnerability-detector: INFO: (5450): Analyzing agent '003' vulnerabilities.
2024/05/24 20:47:08 wazuh-modulesd:vulnerability-detector: INFO: (5471): Finished vulnerability assessment for agent '003'
2024/05/24 20:47:08 wazuh-modulesd:vulnerability-detector: INFO: (5450): Analyzing agent '004' vulnerabilities.
2024/05/24 20:47:08 wazuh-modulesd:vulnerability-detector: INFO: (5471): Finished vulnerability assessment for agent '004'
2024/05/24 20:47:08 wazuh-modulesd:vulnerability-detector: INFO: (5472): Vulnerability scan finished.
Hello @SeyiSoneye
We are reviewing the test, at first sight the procedure you executed seems correct, but you testedwazuh-manager-4.7.0
instead wazuh-manager-4.7.5.
[root@ip-172-31-40-90 ec2-user]# yum -y install wazuh-indexer-4.7.0-1
[root@ip-172-31-40-90 ec2-user]# yum -y install wazuh-manager-4.7.0-1
[root@ip-172-31-37-181 ec2-user]# yum -y install wazuh-manager-4.7.0-1
[root@ip-172-31-40-90 ec2-user]# yum -y install wazuh-dashboard-4.7.0-1
This may be the cause of the problems encountered. I think the test should be repeated using version 4.7.5.
@cborla The results are the same with 4.7.5.
Same error: [Alerts index pattern] No template found for the selected index-pattern title [wazuh-alerts-*] Still See previous comment for all steps
Indexer
[root@ip-172-31-40-90 ec2-user]# yum -y install wazuh-indexer-4.7.5-1
Master node
[root@ip-172-31-40-90 ec2-user]# yum -y install wazuh-manager-4.7.5-1
[root@ip-172-31-37-181 ec2-user]# curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/v4.7.5-rc1/extensions/elasticsearch/7.x/wazuh-template.json
Worker node
[root@ip-172-31-37-181 ec2-user]# yum -y install wazuh-manager-4.7.5-1
[root@ip-172-31-37-181 ec2-user]# curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/v4.7.5-rc1/extensions/elasticsearch/7.x/wazuh-template.json
Dashboard
[root@ip-172-31-40-90 ec2-user]# yum -y install wazuh-dashboard-4.7.5-1
Even though the test was done again, it is indicated that the errors persist, as pending is to include the project to which each issue belongs, in this case and according to the evidence in the tests, I understand that the project to assign to each issue is dashboard.
End-to-End (E2E) Testing Guideline
Release testing
objective andVery high
priority. Communicate these to the team and QA via the c-release Slack channel.For the conclusions and the issue testing and updates, use the following legend:
Status legend
Issue delivery and completion
review_assignee
field in the project. The reviewer must then review the test steps and results. Ensure that all iteration cycles are completed by May 26, 2024 date (issue must be inPending final review
status) and notify the QA team via Slack using the c-release channel.Deployment requirements
Test description
Test that macOS log data collection works out of the box. Test that macOS vulnerability works out of the box. Test that macOS file integrity monitoring works out of the box.
Test that macOS security configuration assessment works out of the box.
Known issues
Conclusions
Feedback
We value your feedback. Please provide insights on your testing experience.
Reviewers validation
The criteria for completing this task is based on the validation of the conclusions and the test results by all reviewers.
All the checkboxes below must be marked in order to close this issue.