Release 4.9.0 - RC 2 - Footprint Metrics - VULNERABILITY-DETECTOR-REGISTER (2.5d)

[wazuhci]

Footprint metrics information

Main release stage issue #	#25475
Main footprint metrics issue #	#25488
Version	4.9.0
Release stage #	RC 2
Tag	https://github.com/wazuh/wazuh/tree/v4.9.0-rc2

Stress test documentation

Packages used

• Repository: packages-dev.wazuh.com

• Package path: pre-release

• Package revision: 1

• Jenkins build: https://ci.wazuh.info/job/Test_stress/5571/

---

Manager

+

Plots

                  

• Logs and configuration

  [ossec_Test_stress_B5571_manager_2024-09-02.zip](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_manager_centos/logs/ossec_Test_stress_B5571_manager_2024-09-02.zip)
• CSV

  [monitor-manager-Test_stress_B5571_manager-pre-release.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_manager_centos/data/monitor-manager-Test_stress_B5571_manager-pre-release.csv) [Test_stress_B5571_manager_analysisd_events.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_manager_centos/data/Test_stress_B5571_manager_analysisd_events.csv) [Test_stress_B5571_manager_analysisd_state.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_manager_centos/data/Test_stress_B5571_manager_analysisd_state.csv) [Test_stress_B5571_manager_remoted_state.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_manager_centos/data/Test_stress_B5571_manager_remoted_state.csv)

Centos agent

+

Plots

                

• Logs and configuration

  [ossec_Test_stress_B5571_centos_2024-09-02.zip](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_centos/logs/ossec_Test_stress_B5571_centos_2024-09-02.zip)
• CSV

  [monitor-agent-Test_stress_B5571_centos-pre-release.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_centos/data/monitor-agent-Test_stress_B5571_centos-pre-release.csv) [Test_stress_B5571_centos_agentd_state.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_centos/data/Test_stress_B5571_centos_agentd_state.csv)

Ubuntu agent

+

Plots

                

• Logs and configuration

  [ossec_Test_stress_B5571_ubuntu_2024-09-02.zip](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_ubuntu/logs/ossec_Test_stress_B5571_ubuntu_2024-09-02.zip)
• CSV

  [monitor-agent-Test_stress_B5571_ubuntu-pre-release.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_ubuntu/data/monitor-agent-Test_stress_B5571_ubuntu-pre-release.csv) [Test_stress_B5571_ubuntu_agentd_state.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_ubuntu/data/Test_stress_B5571_ubuntu_agentd_state.csv)

Windows agent

+

Plots

              

• Logs and configuration

  [ossec_Test_stress_B5571_windows_2024-09-02.zip](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_windows/logs/ossec_Test_stress_B5571_windows_2024-09-02.zip)
• CSV

  [monitor-winagent-Test_stress_B5571_windows-pre-release.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_windows/data/monitor-winagent-Test_stress_B5571_windows-pre-release.csv) [Test_stress_B5571_windows_agentd_state.csv](https://ci.wazuh.com/data/Test_stress/pre-release/4.9.0/B5571-3600m/B5571_agent_windows/data/Test_stress_B5571_windows_agentd_state.csv)

macOS agent

+

Plots

• Logs and configuration
• CSV

Solaris agent

+

Plots

• Logs and configuration
• CSV

Conclusion :yellow_circle:

Plots :yellow_circle:

Known issues:

• https://github.com/wazuh/wazuh/issues/25198
• https://github.com/wazuh/wazuh-jenkins/issues/6842

Logs :yellow_circle:

Known issues:

• https://github.com/wazuh/wazuh/issues/22565
• https://github.com/wazuh/wazuh-jenkins/issues/6368
• https://github.com/wazuh/wazuh-jenkins/issues/4867

[pro-akim]

Analysis report

Graphs :yellow_circle:

Compared to: https://github.com/wazuh/wazuh/issues/24471

Ubuntu

No abnormalities were found

Manager

CPU: Absence of modulesd peaks at the start of the test Disk: relevant decrease of modulesd, now follows the pattern of wazuhdb and wazuh-authd Disk_Read: Large drop in modules with a more staggered ascending pattern until reaching a valley Disk_Written: relevant decrease of modulesd, now follows the pattern of wazuhdb and wazuh-authd FD: decrease of modulesd PSS, RSS y USS : decrease of modulesd VMS: decrease of modulesd Dropped_events: Increase of events Read_Ops: decrease of modulesd

This changes were reported in 4.9.0-Beta2 and they were considered performance improvement

• Reported: https://github.com/wazuh/wazuh/issues/25198 - Known issue

Centos

No abnormalities were found

Windows

All plots are shown altered with respect to 4.8.1-RC2 but present patterns and values similar to 4.9.0-Beta1, 4.9.0-Beta2, and 4.9.0-RC1

• Reported: https://github.com/wazuh/wazuh-jenkins/issues/6842 - Known issue

Logs :yellow_circle:

Ubuntu

``` 2024/08/31 01:56:47 wazuh-agentd ERROR: (1216): Unable to connect to '[172.31.4.94]:1514/tcp': 'Connection refused'. 2024/08/31 01:57:07 wazuh-agentd WARNING: Agent buffer is full: Events may be lost. ```

Manager

- Reported: https://github.com/wazuh/wazuh/issues/22565 - Known issue ``` 2024/08/31 01:53:55 indexer-connector WARNING: No username and password found in the keystore, using default values. 2024/08/31 01:53:55 indexer-connector WARNING: IndexerConnector initialization failed for index 'wazuh-states-vulnerabilities-ip-172-31-4-94.ec2.internal', retrying until the connection is successful. 2024/08/31 01:56:21 indexer-connector WARNING: Failed to sync agent '001' with the indexer. ``` - Expected in stress test ``` 2024/08/31 01:56:02 wazuh-logcollector WARNING: Target 'agent' message queue is full (1024). Log lines may be lost. 2024/08/31 17:06:38 wazuh-remoted WARNING: Message queue is full (10). Events may be lost. ``` - Reported: https://github.com/wazuh/wazuh-jenkins/issues/6368 - Known issue ``` 2024/08/31 01:56:54 wazuh-modulesd:vulnerability-scanner WARNING: The 'feed-update-interval' option at module 'vulnerability-detection' must be at least 1 hour. Automatically set to 60 minutes. ```

Centos

- Reported: https://github.com/wazuh/wazuh-jenkins/issues/4867 - Known issue ``` 2024/08/31 01:56:40 wazuh-agentd ERROR: (1137): Lost connection with manager. Setting lock. 2024/08/31 01:56:40 wazuh-agentd ERROR: (1216): Unable to connect to '[172.31.4.94]:1514/tcp': 'Connection refused'. 2024/08/31 01:56:21 wazuh-agentd WARNING: Agent buffer is full: Events may be lost. ```

Windows

- Reported: https://github.com/wazuh/wazuh-jenkins/issues/4867 - Known issue ``` 2024/08/31 01:56:39 wazuh-agent ERROR: (1137): Lost connection with manager. Setting lock. 2024/08/31 01:56:40 wazuh-agent ERROR: (1216): Unable to connect to '[172.31.4.94]:1514/tcp': 'No connection could be made because the target machine actively refused it.'. ``` - Expected in stress test ``` 2024/08/31 01:56:36 wazuh-agent WARNING: Agent buffer at 90 %. 2024/08/31 02:56:41 wazuh-agent WARNING: Agent buffer is full: Events may be lost. ```

[MARCOSD4]

LGTM