4.8.0-beta4 | Errors in Wazuh Manager during Kubernetes deployment #22511
Assignees
Labels
Comments
2 tasks
vcerenu
added
type/bug
|
The errors presented are due to the lack of syslog in AL2023: We will try to reproduce the error, add the package later to the Docker image and test that this solves the log access errors |
|
The unexpected termination of the Regarding the errors on the files To solve these errors, the requested files were generated to maintain compatibility with all other OSs that continue to use rsyslog and dpkg, and regarding the crash of the modulesd process we are waiting for the completion of the corresponding issue. |
This was referenced Mar 21, 2024
This was
linked to
pull requests
Mar 21, 2024
Update reportCreate some packages from the branch: fix/22581-fix-memory-management-of-rocksdb Jenkins: https://ci.wazuh.info/job/Packages_builder/192550/ With these packages I built local images, which I uploaded to my own repository to be able to do the tests in minikube Docker buildcbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-docker$ ./build-docker-images/build-images.sh -d beta3 -r 1 -v 4.8.0
Building wazuh.manager
Sending build context to Docker daemon 45.06kB
Step 1/25 : FROM amazonlinux:2023.3.20240304.0
2023.3.20240304.0: Pulling from library/amazonlinux
89b8a8416043: Pull complete
Digest: sha256:6ef0881ab074946ab8d1d68a56f3cae2c6f16b5885737601ff8a9325f806780e
Status: Downloaded newer image for amazonlinux:2023.3.20240304.0
---> d54cb79e59a5
Step 2/25 : RUN rm /bin/sh && ln -s /bin/bash /bin/sh
---> Running in fa686165629d
Removing intermediate container fa686165629d
---> fbac641f5751
Step 3/25 : ARG WAZUH_VERSION
---> Running in a0fe3b9aa526
Removing intermediate container a0fe3b9aa526
---> efbcb00d75b6
Step 4/25 : ARG WAZUH_TAG_REVISION
---> Running in b895f7a777d9
Removing intermediate container b895f7a777d9
---> 978e93e3594f
Step 5/25 : ARG FILEBEAT_TEMPLATE_BRANCH
---> Running in 42cf4759a688
Removing intermediate container 42cf4759a688
---> eac60f861208
Step 6/25 : ARG FILEBEAT_CHANNEL=filebeat-oss
---> Running in 30b2c7576b57
Removing intermediate container 30b2c7576b57
---> a6cef1395e91
Step 7/25 : ARG FILEBEAT_VERSION=7.10.2
---> Running in 4286edcf025a
Removing intermediate container 4286edcf025a
---> 25b104cd1ae1
Step 8/25 : ARG WAZUH_FILEBEAT_MODULE
---> Running in e9ed22522fc7
Removing intermediate container e9ed22522fc7
---> 4d4493f134ae
Step 9/25 : ARG S6_VERSION="v2.2.0.3"
---> Running in c2363012f6f6
Removing intermediate container c2363012f6f6
---> 8b5217fc8506
Step 10/25 : RUN yum install curl-minimal xz gnupg tar gzip openssl findutils procps -y && yum clean all
---> Running in aacc17b21340
Amazon Linux 2023 repository 3.2 MB/s | 25 MB 00:07
Last metadata expiration check: 0:00:06 ago on Thu Apr 4 17:20:49 2024.
Package curl-minimal-8.5.0-1.amzn2023.0.2.x86_64 is already installed.
Package gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 is already installed.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
findutils x86_64 1:4.8.0-2.amzn2023.0.2 amazonlinux 539 k
gzip x86_64 1.12-1.amzn2023.0.1 amazonlinux 160 k
openssl x86_64 1:3.0.8-1.amzn2023.0.11 amazonlinux 1.2 M
procps-ng x86_64 3.3.17-1.amzn2023.0.2 amazonlinux 331 k
tar x86_64 2:1.34-1.amzn2023.0.4 amazonlinux 879 k
xz x86_64 5.2.5-9.amzn2023.0.2 amazonlinux 215 k
Installing dependencies:
systemd-libs x86_64 252.16-1.amzn2023.0.2 amazonlinux 623 k
Transaction Summary
================================================================================
Install 7 Packages
Total download size: 3.8 M
Installed size: 10 M
Downloading Packages:
(1/7): xz-5.2.5-9.amzn2023.0.2.x86_64.rpm 1.1 MB/s | 215 kB 00:00
(2/7): procps-ng-3.3.17-1.amzn2023.0.2.x86_64.r 1.2 MB/s | 331 kB 00:00
(3/7): findutils-4.8.0-2.amzn2023.0.2.x86_64.rp 2.0 MB/s | 539 kB 00:00
(4/7): systemd-libs-252.16-1.amzn2023.0.2.x86_6 3.8 MB/s | 623 kB 00:00
(5/7): openssl-3.0.8-1.amzn2023.0.11.x86_64.rpm 4.2 MB/s | 1.2 MB 00:00
(6/7): gzip-1.12-1.amzn2023.0.1.x86_64.rpm 675 kB/s | 160 kB 00:00
(7/7): tar-1.34-1.amzn2023.0.4.x86_64.rpm 2.0 MB/s | 879 kB 00:00
--------------------------------------------------------------------------------
Total 2.0 MB/s | 3.8 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : systemd-libs-252.16-1.amzn2023.0.2.x86_64 1/7
Installing : procps-ng-3.3.17-1.amzn2023.0.2.x86_64 2/7
Installing : gzip-1.12-1.amzn2023.0.1.x86_64 3/7
Installing : tar-2:1.34-1.amzn2023.0.4.x86_64 4/7
Installing : openssl-1:3.0.8-1.amzn2023.0.11.x86_64 5/7
Installing : xz-5.2.5-9.amzn2023.0.2.x86_64 6/7
Installing : findutils-1:4.8.0-2.amzn2023.0.2.x86_64 7/7
Running scriptlet: findutils-1:4.8.0-2.amzn2023.0.2.x86_64 7/7
Verifying : findutils-1:4.8.0-2.amzn2023.0.2.x86_64 1/7
Verifying : procps-ng-3.3.17-1.amzn2023.0.2.x86_64 2/7
Verifying : xz-5.2.5-9.amzn2023.0.2.x86_64 3/7
Verifying : systemd-libs-252.16-1.amzn2023.0.2.x86_64 4/7
Verifying : openssl-1:3.0.8-1.amzn2023.0.11.x86_64 5/7
Verifying : tar-2:1.34-1.amzn2023.0.4.x86_64 6/7
Verifying : gzip-1.12-1.amzn2023.0.1.x86_64 7/7
Installed:
findutils-1:4.8.0-2.amzn2023.0.2.x86_64
gzip-1.12-1.amzn2023.0.1.x86_64
openssl-1:3.0.8-1.amzn2023.0.11.x86_64
procps-ng-3.3.17-1.amzn2023.0.2.x86_64
systemd-libs-252.16-1.amzn2023.0.2.x86_64
tar-2:1.34-1.amzn2023.0.4.x86_64
xz-5.2.5-9.amzn2023.0.2.x86_64
Complete!
9 files removed
Removing intermediate container aacc17b21340
---> 06b97abd2b84
Step 11/25 : COPY config/check_repository.sh /
---> 1deb71801a08
Step 12/25 : COPY config/filebeat_module.sh /
---> 614ba8215765
Step 13/25 : COPY config/permanent_data.env config/permanent_data.sh /
---> 988409878bf9
Step 14/25 : RUN chmod 775 /check_repository.sh
---> Running in a7afc1eb80d0
Removing intermediate container a7afc1eb80d0
---> 57a5c75120df
Step 15/25 : RUN source /check_repository.sh
---> Running in a8c7e7f19b2f
[wazuh]
gpgcheck=1
gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH]
enabled=1
name=EL-$releasever - Wazuh
baseurl=https://packages-dev.wazuh.com/staging/yum/
protect=1
Removing intermediate container a8c7e7f19b2f
---> fbfd990a8ddf
Step 16/25 : RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && yum clean all && chmod 775 /filebeat_module.sh && source /filebeat_module.sh && rm /filebeat_module.sh && curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz -o /tmp/s6-overlay-amd64.tar.gz && tar xzf /tmp/s6-overlay-amd64.tar.gz -C / --exclude="./bin" && tar xzf /tmp/s6-overlay-amd64.tar.gz -C /usr ./bin && rm /tmp/s6-overlay-amd64.tar.gz
---> Running in d5e92051426b
Amazon Linux 2023 repository 4.6 MB/s | 25 MB 00:05
EL-2023.3.20240304 - Wazuh 527 kB/s | 1.9 MB 00:03
Last metadata expiration check: 0:00:01 ago on Thu Apr 4 17:21:13 2024.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
wazuh-manager x86_64 4.8.0-1 wazuh 292 M
Installing dependencies:
libsemanage x86_64 3.4-5.amzn2023.0.2 amazonlinux 121 k
shadow-utils x86_64 2:4.9-12.amzn2023.0.4 amazonlinux 1.1 M
Transaction Summary
================================================================================
Install 3 Packages
Total download size: 293 M
Installed size: 884 M
Downloading Packages:
(1/3): libsemanage-3.4-5.amzn2023.0.2.x86_64.rp 839 kB/s | 121 kB 00:00
(2/3): shadow-utils-4.9-12.amzn2023.0.4.x86_64. 3.9 MB/s | 1.1 MB 00:00
(3/3): wazuh-manager-4.8.0-1.x86_64.rpm 6.4 MB/s | 292 MB 00:45
--------------------------------------------------------------------------------
Total 6.2 MB/s | 293 MB 00:47
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : libsemanage-3.4-5.amzn2023.0.2.x86_64 1/3
Installing : shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 2/3
Running scriptlet: wazuh-manager-4.8.0-1.x86_64 3/3
Installing : wazuh-manager-4.8.0-1.x86_64 3/3
Running scriptlet: wazuh-manager-4.8.0-1.x86_64 3/3
Verifying : shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 1/3
Verifying : libsemanage-3.4-5.amzn2023.0.2.x86_64 2/3
Verifying : wazuh-manager-4.8.0-1.x86_64 3/3
Installed:
libsemanage-3.4-5.amzn2023.0.2.x86_64
shadow-utils-2:4.9-12.amzn2023.0.4.x86_64
wazuh-manager-4.8.0-1.x86_64
Complete!
16 files removed
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 20.7M 100 20.7M 0 0 5226k 0 0:00:04 0:00:04 --:--:-- 5226k
Amazon Linux 2023 repository 4.8 MB/s | 25 MB 00:05
EL-2023.3.20240304 - Wazuh 522 kB/s | 1.9 MB 00:03
Last metadata expiration check: 0:00:01 ago on Thu Apr 4 17:22:42 2024.
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
filebeat x86_64 7.10.2-1 @commandline 21 M
Transaction Summary
================================================================================
Install 1 Package
Total size: 21 M
Installed size: 70 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : filebeat-7.10.2-1.x86_64 1/1
Running scriptlet: filebeat-7.10.2-1.x86_64 1/1
Verifying : filebeat-7.10.2-1.x86_64 1/1
Installed:
filebeat-7.10.2-1.x86_64
Complete!
wazuh/
wazuh/_meta/
wazuh/_meta/docs.asciidoc
wazuh/_meta/fields.yml
wazuh/_meta/config.yml
wazuh/alerts/
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/module.yml
wazuh/archives/
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
Removing intermediate container d5e92051426b
---> e5bb3dd3afb7
Step 17/25 : COPY config/etc/ /etc/
---> 0610a95bada6
Step 18/25 : COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py
---> ebe883c9b1a2
Step 19/25 : COPY config/filebeat.yml /etc/filebeat/
---> baa425edd5b6
Step 20/25 : RUN chmod go-w /etc/filebeat/filebeat.yml
---> Running in 79c959467195
Removing intermediate container 79c959467195
---> 888d7affc6f1
Step 21/25 : ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
Downloading 62.78kB
---> 1885aad09160
Step 22/25 : RUN chmod go-w /etc/filebeat/wazuh-template.json
---> Running in c8185f5233a3
Removing intermediate container c8185f5233a3
---> 6fccead7cc14
Step 23/25 : RUN mkdir -p /var/ossec/var/multigroups && chown root:wazuh /var/ossec/var/multigroups && chmod 770 /var/ossec/var/multigroups && mkdir -p /var/ossec/agentless && chown root:wazuh /var/ossec/agentless && chmod 770 /var/ossec/agentless && mkdir -p /var/ossec/active-response/bin && chown root:wazuh /var/ossec/active-response/bin && chmod 770 /var/ossec/active-response/bin && chmod 755 /permanent_data.sh && sync && /permanent_data.sh && sync && rm /permanent_data.sh
---> Running in e184cff44f9e
Removing intermediate container e184cff44f9e
---> 0d1772611c3a
Step 24/25 : EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp
---> Running in cc7eb9eef688
Removing intermediate container cc7eb9eef688
---> 087d1209259b
Step 25/25 : ENTRYPOINT [ "/init" ]
---> Running in b955d3451bc8
Removing intermediate container b955d3451bc8
---> 389ff8ca4fa2
Successfully built 389ff8ca4fa2
Successfully tagged wazuh/wazuh-manager:4.8.0
Building wazuh.indexer
Sending build context to Docker daemon 32.26kB
Step 1/32 : FROM amazonlinux:2023.3.20240304.0 AS builder
---> d54cb79e59a5
Step 2/32 : ARG WAZUH_VERSION
---> Running in b7cd557abe95
Removing intermediate container b7cd557abe95
---> 65ed5c8025c6
Step 3/32 : ARG WAZUH_TAG_REVISION
---> Running in a24906cd3499
Removing intermediate container a24906cd3499
---> f871fa4dd2d2
Step 4/32 : RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y
---> Running in 51c8bf2bb106
Amazon Linux 2023 repository 4.9 MB/s | 25 MB 00:04
Last metadata expiration check: 0:00:06 ago on Thu Apr 4 17:23:03 2024.
Package curl-minimal-8.5.0-1.amzn2023.0.2.x86_64 is already installed.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
findutils x86_64 1:4.8.0-2.amzn2023.0.2 amazonlinux 539 k
openssl x86_64 1:3.0.8-1.amzn2023.0.11 amazonlinux 1.2 M
shadow-utils x86_64 2:4.9-12.amzn2023.0.4 amazonlinux 1.1 M
tar x86_64 2:1.34-1.amzn2023.0.4 amazonlinux 879 k
xz x86_64 5.2.5-9.amzn2023.0.2 amazonlinux 215 k
Installing dependencies:
libsemanage x86_64 3.4-5.amzn2023.0.2 amazonlinux 121 k
Transaction Summary
================================================================================
Install 6 Packages
Total download size: 4.0 M
Installed size: 11 M
Downloading Packages:
(1/6): libsemanage-3.4-5.amzn2023.0.2.x86_64.rp 743 kB/s | 121 kB 00:00
(2/6): findutils-4.8.0-2.amzn2023.0.2.x86_64.rp 2.7 MB/s | 539 kB 00:00
(3/6): xz-5.2.5-9.amzn2023.0.2.x86_64.rpm 3.0 MB/s | 215 kB 00:00
(4/6): shadow-utils-4.9-12.amzn2023.0.4.x86_64. 1.8 MB/s | 1.1 MB 00:00
(5/6): openssl-3.0.8-1.amzn2023.0.11.x86_64.rpm 2.6 MB/s | 1.2 MB 00:00
(6/6): tar-1.34-1.amzn2023.0.4.x86_64.rpm 1.6 MB/s | 879 kB 00:00
--------------------------------------------------------------------------------
Total 2.0 MB/s | 4.0 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : libsemanage-3.4-5.amzn2023.0.2.x86_64 1/6
Installing : shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 2/6
Installing : tar-2:1.34-1.amzn2023.0.4.x86_64 3/6
Installing : openssl-1:3.0.8-1.amzn2023.0.11.x86_64 4/6
Installing : xz-5.2.5-9.amzn2023.0.2.x86_64 5/6
Installing : findutils-1:4.8.0-2.amzn2023.0.2.x86_64 6/6
Running scriptlet: findutils-1:4.8.0-2.amzn2023.0.2.x86_64 6/6
Verifying : findutils-1:4.8.0-2.amzn2023.0.2.x86_64 1/6
Verifying : shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 2/6
Verifying : libsemanage-3.4-5.amzn2023.0.2.x86_64 3/6
Verifying : xz-5.2.5-9.amzn2023.0.2.x86_64 4/6
Verifying : openssl-1:3.0.8-1.amzn2023.0.11.x86_64 5/6
Verifying : tar-2:1.34-1.amzn2023.0.4.x86_64 6/6
Installed:
findutils-1:4.8.0-2.amzn2023.0.2.x86_64
libsemanage-3.4-5.amzn2023.0.2.x86_64
openssl-1:3.0.8-1.amzn2023.0.11.x86_64
shadow-utils-2:4.9-12.amzn2023.0.4.x86_64
tar-2:1.34-1.amzn2023.0.4.x86_64
xz-5.2.5-9.amzn2023.0.2.x86_64
Complete!
Removing intermediate container 51c8bf2bb106
---> e8d758b66bdd
Step 5/32 : COPY config/opensearch.yml /
---> a8d174d41e4a
Step 6/32 : COPY config/config.sh .
---> d49ab5c300af
Step 7/32 : COPY config/config.yml /
---> 9b68e7977496
Step 8/32 : COPY config/action_groups.yml /
---> 04996146a0a8
Step 9/32 : COPY config/internal_users.yml /
---> 0f018c6a7383
Step 10/32 : COPY config/roles_mapping.yml /
---> 339531716821
Step 11/32 : COPY config/roles.yml /
---> f6db05825fde
Step 12/32 : RUN bash config.sh
---> Running in 611940d34f87
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 723M 100 723M 0 0 7455k 0 0:01:39 0:01:39 --:--:-- 7523k
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 36313 100 36313 0 0 71244 0 --:--:-- --:--:-- --:--:-- 71201
Cert tool exists in Packages-dev bucket
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 42851 100 42851 0 0 140k 0 --:--:-- --:--:-- --:--:-- 140k
Password tool exists in Packages-dev bucket
04/04/2024 17:25:32 INFO: Generating the root certificate.
04/04/2024 17:25:32 INFO: Generating Admin certificates.
04/04/2024 17:25:32 INFO: Admin certificates created.
04/04/2024 17:25:32 INFO: Generating Wazuh indexer certificates.
04/04/2024 17:25:33 INFO: Wazuh indexer certificates created.
Removing intermediate container 611940d34f87
---> ef32b36f6890
Step 13/32 : FROM amazonlinux:2023.3.20240304.0
---> d54cb79e59a5
Step 14/32 : ENV USER="wazuh-indexer" GROUP="wazuh-indexer" NAME="wazuh-indexer" INSTALL_DIR="/usr/share/wazuh-indexer"
---> Running in 350e28618be7
Removing intermediate container 350e28618be7
---> 96e69ebcbf13
Step 15/32 : RUN yum install curl-minimal shadow-utils findutils hostname -y
---> Running in 00fd9058bf0d
Amazon Linux 2023 repository 4.6 MB/s | 25 MB 00:05
Last metadata expiration check: 0:00:04 ago on Thu Apr 4 17:26:01 2024.
Package curl-minimal-8.5.0-1.amzn2023.0.2.x86_64 is already installed.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
findutils x86_64 1:4.8.0-2.amzn2023.0.2 amazonlinux 539 k
hostname x86_64 3.23-4.amzn2023.0.3 amazonlinux 28 k
shadow-utils x86_64 2:4.9-12.amzn2023.0.4 amazonlinux 1.1 M
Installing dependencies:
libsemanage x86_64 3.4-5.amzn2023.0.2 amazonlinux 121 k
Transaction Summary
================================================================================
Install 4 Packages
Total download size: 1.8 M
Installed size: 5.7 M
Downloading Packages:
(1/4): libsemanage-3.4-5.amzn2023.0.2.x86_64.rp 626 kB/s | 121 kB 00:00
(2/4): findutils-4.8.0-2.amzn2023.0.2.x86_64.rp 2.4 MB/s | 539 kB 00:00
(3/4): shadow-utils-4.9-12.amzn2023.0.4.x86_64. 3.4 MB/s | 1.1 MB 00:00
(4/4): hostname-3.23-4.amzn2023.0.3.x86_64.rpm 27 kB/s | 28 kB 00:01
--------------------------------------------------------------------------------
Total 745 kB/s | 1.8 MB 00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : libsemanage-3.4-5.amzn2023.0.2.x86_64 1/4
Installing : shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 2/4
Installing : hostname-3.23-4.amzn2023.0.3.x86_64 3/4
Running scriptlet: hostname-3.23-4.amzn2023.0.3.x86_64 3/4
Installing : findutils-1:4.8.0-2.amzn2023.0.2.x86_64 4/4
Running scriptlet: findutils-1:4.8.0-2.amzn2023.0.2.x86_64 4/4
Verifying : findutils-1:4.8.0-2.amzn2023.0.2.x86_64 1/4
Verifying : shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 2/4
Verifying : libsemanage-3.4-5.amzn2023.0.2.x86_64 3/4
Verifying : hostname-3.23-4.amzn2023.0.3.x86_64 4/4
Installed:
findutils-1:4.8.0-2.amzn2023.0.2.x86_64
hostname-3.23-4.amzn2023.0.3.x86_64
libsemanage-3.4-5.amzn2023.0.2.x86_64
shadow-utils-2:4.9-12.amzn2023.0.4.x86_64
Complete!
Removing intermediate container 00fd9058bf0d
---> 6531175e3ac3
Step 16/32 : RUN getent group $GROUP || groupadd -r -g 1000 $GROUP
---> Running in 0be3ce357f64
Removing intermediate container 0be3ce357f64
---> f664a5baf12e
Step 17/32 : RUN useradd --system --uid 1000 --no-create-home --home-dir $INSTALL_DIR --gid $GROUP --shell /sbin/nologin --comment "$USER user" $USER
---> Running in a62083521b31
useradd warning: wazuh-indexer's uid 1000 is greater than SYS_UID_MAX 999
Removing intermediate container a62083521b31
---> c3ec9410bc87
Step 18/32 : WORKDIR $INSTALL_DIR
---> Running in 9fa698507e0e
Removing intermediate container 9fa698507e0e
---> 020ab2616cec
Step 19/32 : COPY config/entrypoint.sh /
---> 62af8ee48215
Step 20/32 : COPY config/securityadmin.sh /
---> 22e1cdcbb6ba
Step 21/32 : RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh
---> Running in d72547facdab
Removing intermediate container d72547facdab
---> 8496a581c314
Step 22/32 : RUN chown 1000:1000 /*.sh
---> Running in 592e50322973
Removing intermediate container 592e50322973
---> dd9ff91f79ad
Step 23/32 : COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer
---> 5ba56890c709
Step 24/32 : COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd
---> 3ad74e4bf949
Step 25/32 : COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d
---> b212261ce00e
Step 26/32 : COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d
---> 38b9a040abf0
Step 27/32 : RUN chown -R 1000:1000 /usr/share/wazuh-indexer
---> Running in 44bd569c48bf
Removing intermediate container 44bd569c48bf
---> bab847a51926
Step 28/32 : RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && chmod 700 /usr/share/wazuh-indexer && chmod 600 /usr/share/wazuh-indexer/jvm.options && chmod 600 /usr/share/wazuh-indexer/opensearch.yml
---> Running in ff2542f39694
Removing intermediate container ff2542f39694
---> 18367251b8b0
Step 29/32 : USER wazuh-indexer
---> Running in 6ced2dfe5567
Removing intermediate container 6ced2dfe5567
---> eb2e5bdd8683
Step 30/32 : EXPOSE 9200
---> Running in 43e4b3b28678
Removing intermediate container 43e4b3b28678
---> a2309824321e
Step 31/32 : ENTRYPOINT ["/entrypoint.sh"]
---> Running in 0706589305bf
Removing intermediate container 0706589305bf
---> 3469323fb157
Step 32/32 : CMD ["opensearchwrapper"]
---> Running in 1ee420e19489
Removing intermediate container 1ee420e19489
---> b78faf8b642e
Successfully built b78faf8b642e
Successfully tagged wazuh/wazuh-indexer:4.8.0
Building wazuh.dashboard
Sending build context to Docker daemon 26.11kB
Step 1/39 : FROM amazonlinux:2023.3.20240304.0 AS builder
---> d54cb79e59a5
Step 2/39 : ARG WAZUH_VERSION
---> Running in f3ae3df28b12
Removing intermediate container f3ae3df28b12
---> d65358525938
Step 3/39 : ARG WAZUH_TAG_REVISION
---> Running in f0cd3b2ff78c
Removing intermediate container f0cd3b2ff78c
---> 3bd67db59c30
Step 4/39 : ARG INSTALL_DIR=/usr/share/wazuh-dashboard
---> Running in eef978eac123
Removing intermediate container eef978eac123
---> 8a36b8176877
Step 5/39 : ARG WAZUH_UI_REVISION
---> Running in 29270fc69a73
Removing intermediate container 29270fc69a73
---> 820c06ab5f2c
Step 6/39 : RUN yum install curl-minimal libcap xz tar openssl -y
---> Running in 533c2933879e
Amazon Linux 2023 repository 4.3 MB/s | 25 MB 00:05
Last metadata expiration check: 0:00:06 ago on Thu Apr 4 17:26:44 2024.
Package curl-minimal-8.5.0-1.amzn2023.0.2.x86_64 is already installed.
Package libcap-2.48-2.amzn2023.0.3.x86_64 is already installed.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssl x86_64 1:3.0.8-1.amzn2023.0.11 amazonlinux 1.2 M
tar x86_64 2:1.34-1.amzn2023.0.4 amazonlinux 879 k
xz x86_64 5.2.5-9.amzn2023.0.2 amazonlinux 215 k
Transaction Summary
================================================================================
Install 3 Packages
Total download size: 2.2 M
Installed size: 5.5 M
Downloading Packages:
(1/3): xz-5.2.5-9.amzn2023.0.2.x86_64.rpm 792 kB/s | 215 kB 00:00
(2/3): openssl-3.0.8-1.amzn2023.0.11.x86_64.rpm 2.5 MB/s | 1.2 MB 00:00
(3/3): tar-1.34-1.amzn2023.0.4.x86_64.rpm 1.4 MB/s | 879 kB 00:00
--------------------------------------------------------------------------------
Total 1.2 MB/s | 2.2 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : tar-2:1.34-1.amzn2023.0.4.x86_64 1/3
Installing : openssl-1:3.0.8-1.amzn2023.0.11.x86_64 2/3
Installing : xz-5.2.5-9.amzn2023.0.2.x86_64 3/3
Running scriptlet: xz-5.2.5-9.amzn2023.0.2.x86_64 3/3
Verifying : xz-5.2.5-9.amzn2023.0.2.x86_64 1/3
Verifying : openssl-1:3.0.8-1.amzn2023.0.11.x86_64 2/3
Verifying : tar-2:1.34-1.amzn2023.0.4.x86_64 3/3
Installed:
openssl-1:3.0.8-1.amzn2023.0.11.x86_64 tar-2:1.34-1.amzn2023.0.4.x86_64
xz-5.2.5-9.amzn2023.0.2.x86_64
Complete!
Removing intermediate container 533c2933879e
---> 72336a94c890
Step 7/39 : RUN mkdir -p $INSTALL_DIR
---> Running in 1da41d388088
Removing intermediate container 1da41d388088
---> 2b4fc2e493df
Step 8/39 : COPY config/dl_base.sh .
---> 07527a5c441e
Step 9/39 : RUN bash dl_base.sh
---> Running in 622cd27c8294
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 153M 100 153M 0 0 6302k 0 0:00:24 0:00:24 --:--:-- 6558k
Removing intermediate container 622cd27c8294
---> 91e1cd98c097
Step 10/39 : COPY config/config.sh .
---> 53b5db3fb73a
Step 11/39 : COPY config/config.yml /
---> 80af0ce5f58a
Step 12/39 : RUN bash config.sh
---> Running in a03b02618ef1
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 36313 100 36313 0 0 127k 0 --:--:-- --:--:-- --:--:-- 127k
Cert tool exists in Packages-dev bucket
04/04/2024 17:27:49 INFO: Generating the root certificate.
04/04/2024 17:27:49 INFO: Generating Admin certificates.
04/04/2024 17:27:50 INFO: Admin certificates created.
04/04/2024 17:27:50 INFO: Generating Wazuh dashboard certificates.
04/04/2024 17:27:50 INFO: Wazuh dashboard certificates created.
Removing intermediate container a03b02618ef1
---> 9beaedf1faf2
Step 13/39 : COPY config/install_wazuh_app.sh /
---> 4e6b35472a94
Step 14/39 : RUN chmod 775 /install_wazuh_app.sh
---> Running in 252a385565d6
Removing intermediate container 252a385565d6
---> d15ac857f876
Step 15/39 : RUN bash /install_wazuh_app.sh
---> Running in 3e6fad80f4f3
Attempting to transfer from https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-4.8.0-1.zip
Transferring 34136679 bytes....................
Transfer complete
Retrieving metadata from plugin archive
Extracting plugin archive
Extraction complete
Plugin installation complete
Attempting to transfer from https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-4.8.0-1.zip
Transferring 1877165 bytes....................
Transfer complete
Retrieving metadata from plugin archive
Extracting plugin archive
Extraction complete
Plugin installation complete
Attempting to transfer from https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-4.8.0-1.zip
Transferring 3208626 bytes....................
Transfer complete
Retrieving metadata from plugin archive
Extracting plugin archive
Extraction complete
Plugin installation complete
Removing intermediate container 3e6fad80f4f3
---> 651d7352e6f5
Step 16/39 : COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/
---> 7600e3816683
Step 17/39 : COPY config/wazuh.yml $INSTALL_DIR/data/wazuh/config/
---> d002f5341bbc
Step 18/39 : RUN chmod 664 $INSTALL_DIR/config/opensearch_dashboards.yml
---> Running in ca7abea710b8
Removing intermediate container ca7abea710b8
---> 1abbc8026acd
Step 19/39 : RUN mkdir -p $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh
---> Running in 1545671c5bdd
Removing intermediate container 1545671c5bdd
---> fedb3f14a067
Step 20/39 : RUN mkdir -p $INSTALL_DIR/data/wazuh/config && chmod -R 775 $INSTALL_DIR/data/wazuh/config
---> Running in 800687d0884a
Removing intermediate container 800687d0884a
---> 4fa2143edfc3
Step 21/39 : RUN mkdir -p $INSTALL_DIR/data/wazuh/logs && chmod -R 775 $INSTALL_DIR/data/wazuh/logs
---> Running in 1b361404f89a
Removing intermediate container 1b361404f89a
---> e5da2c82daa3
Step 22/39 : FROM amazonlinux:2023.3.20240304.0
---> d54cb79e59a5
Step 23/39 : ENV USER="wazuh-dashboard" GROUP="wazuh-dashboard" NAME="wazuh-dashboard" INSTALL_DIR="/usr/share/wazuh-dashboard"
---> Running in dbad162f9adc
Removing intermediate container dbad162f9adc
---> 3e60c09a6b76
Step 24/39 : ENV PATTERN="" CHECKS_PATTERN="" CHECKS_TEMPLATE="" CHECKS_API="" CHECKS_SETUP="" EXTENSIONS_PCI="" EXTENSIONS_GDPR="" EXTENSIONS_HIPAA="" EXTENSIONS_NIST="" EXTENSIONS_TSC="" EXTENSIONS_AUDIT="" EXTENSIONS_OSCAP="" EXTENSIONS_CISCAT="" EXTENSIONS_AWS="" EXTENSIONS_GCP="" EXTENSIONS_GITHUB="" EXTENSIONS_OFFICE="" EXTENSIONS_VIRUSTOTAL="" EXTENSIONS_OSQUERY="" EXTENSIONS_DOCKER="" APP_TIMEOUT="" API_SELECTOR="" IP_SELECTOR="" IP_IGNORE="" WAZUH_MONITORING_ENABLED="" WAZUH_MONITORING_FREQUENCY="" WAZUH_MONITORING_SHARDS="" WAZUH_MONITORING_REPLICAS=""
---> Running in 9be8d7b58c79
Removing intermediate container 9be8d7b58c79
---> 201ba87dc21a
Step 25/39 : RUN yum install shadow-utils -y
---> Running in 478510ccf69a
Amazon Linux 2023 repository 3.6 MB/s | 25 MB 00:06
Last metadata expiration check: 0:00:03 ago on Thu Apr 4 17:28:19 2024.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
shadow-utils x86_64 2:4.9-12.amzn2023.0.4 amazonlinux 1.1 M
Installing dependencies:
libsemanage x86_64 3.4-5.amzn2023.0.2 amazonlinux 121 k
Transaction Summary
================================================================================
Install 2 Packages
Total download size: 1.2 M
Installed size: 4.0 M
Downloading Packages:
(1/2): libsemanage-3.4-5.amzn2023.0.2.x86_64.rp 683 kB/s | 121 kB 00:00
(2/2): shadow-utils-4.9-12.amzn2023.0.4.x86_64. 4.0 MB/s | 1.1 MB 00:00
--------------------------------------------------------------------------------
Total 844 kB/s | 1.2 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : libsemanage-3.4-5.amzn2023.0.2.x86_64 1/2
Installing : shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 2/2
Running scriptlet: shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 2/2
Verifying : shadow-utils-2:4.9-12.amzn2023.0.4.x86_64 1/2
Verifying : libsemanage-3.4-5.amzn2023.0.2.x86_64 2/2
Installed:
libsemanage-3.4-5.amzn2023.0.2.x86_64
shadow-utils-2:4.9-12.amzn2023.0.4.x86_64
Complete!
Removing intermediate container 478510ccf69a
---> 7ad25af863d2
Step 26/39 : RUN getent group $GROUP || groupadd -r -g 1000 $GROUP
---> Running in 3c963b4cd0d4
Removing intermediate container 3c963b4cd0d4
---> 1a75d9ab2f75
Step 27/39 : RUN useradd --system --uid 1000 --no-create-home --home-dir $INSTALL_DIR --gid $GROUP --shell /sbin/nologin --comment "$USER user" $USER
---> Running in ad43726b34f1
useradd warning: wazuh-dashboard's uid 1000 is greater than SYS_UID_MAX 999
Removing intermediate container ad43726b34f1
---> ce335aa3c788
Step 28/39 : COPY config/entrypoint.sh /
---> c9692d4569a9
Step 29/39 : COPY config/wazuh_app_config.sh /
---> b11bd718b744
Step 30/39 : RUN chmod 700 /entrypoint.sh
---> Running in 5cddd7bd8abf
Removing intermediate container 5cddd7bd8abf
---> 4b69f851e26a
Step 31/39 : RUN chmod 700 /wazuh_app_config.sh
---> Running in 8d6c388dfa2a
Removing intermediate container 8d6c388dfa2a
---> 50266694465e
Step 32/39 : RUN chown 1000:1000 /*.sh
---> Running in e4b89abb7f3f
Removing intermediate container e4b89abb7f3f
---> 13988d67b1d4
Step 33/39 : COPY --from=builder --chown=1000:1000 $INSTALL_DIR $INSTALL_DIR
---> d5ce4f44497a
Step 34/39 : RUN mkdir -p /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
---> Running in cc5ee5344e58
Removing intermediate container cc5ee5344e58
---> f0c5c0e2a319
Step 35/39 : RUN chown 1000:1000 /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
---> Running in d2ed61be7b57
Removing intermediate container d2ed61be7b57
---> f241711f8757
Step 36/39 : WORKDIR $INSTALL_DIR
---> Running in 316bfbeb7c87
Removing intermediate container 316bfbeb7c87
---> 123eb6c99f5e
Step 37/39 : USER wazuh-dashboard
---> Running in 1b7d5106d0c1
Removing intermediate container 1b7d5106d0c1
---> 229af5265d7b
Step 38/39 : EXPOSE 443
---> Running in ab2344e0e5c7
Removing intermediate container ab2344e0e5c7
---> 8bf6d7896cec
Step 39/39 : ENTRYPOINT [ "/entrypoint.sh" ]
---> Running in 53b04b32b978
Removing intermediate container 53b04b32b978
---> 4cbd10645223
Successfully built 4cbd10645223
Successfully tagged wazuh/wazuh-dashboard:4.8.0With these images I created a cluster in Minikube and it started correctly, the manager pods started correctly and did not restart Podscbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-kubernetes$ kubectl get pods -n wazuh
NAME READY STATUS RESTARTS AGE
wazuh-dashboard-5844f44d6c-j2hxh 1/1 Running 0 6m36s
wazuh-indexer-0 1/1 Running 0 6m36s
wazuh-manager-master-0 1/1 Running 0 6m36s
wazuh-manager-worker-0 1/1 Running 0 6m36s
Minikube versioncbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-docker$ minikube start
😄 minikube v1.32.0 on Ubuntu 22.04
✨ Using the docker driver based on existing profile
👍 Starting control plane node minikube in cluster minikube
🚜 Pulling base image ...
🔄 Restarting existing docker container for "minikube" ...
🐳 Preparing Kubernetes v1.28.3 on Docker 24.0.7 ...
🔗 Configuring bridge CNI (Container Networking Interface) ...
🔎 Verifying Kubernetes components...
▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🌟 Enabled addons: storage-provisioner, default-storageclass
🏄 Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default |
Update reportI entered the manager pod and was able to validate that the librocksdb.so.8 library is present, the modulesd daemon does not restart, so I understand that the changes are correct. bash-5.2# ls -la /var/ossec/lib/lib
libcontent_manager.so libfimdb.so libindexer_connector.so libpython3.10.so.1.0 librouter.so libstdc++.so.6 libsysinfo.so libwazuhext.so
libdbsync.so libgcc_s.so.1 libjemalloc.so.2 librocksdb.so.8 librsync.so libsyscollector.so libvulnerability_scanner.so libwazuhshared.so
bash-5.2# /var/ossec/bin/wazuh-control status
wazuh-clusterd is running...
wazuh-modulesd: Process 722 not used by Wazuh, removing...
wazuh-modulesd not running...
wazuh-monitord is running...
wazuh-logcollector is running...
wazuh-remoted is running...
wazuh-syscheckd is running...
wazuh-analysisd is running...
wazuh-maild not running...
wazuh-execd is running...
wazuh-db is running...
wazuh-authd is running...
wazuh-agentlessd not running...
wazuh-integratord not running...
wazuh-dbd not running...
wazuh-csyslogd not running...
wazuh-apid is running...Manager logs Feb 5, 2024 @ 16:27:17.000 wazuh-modulesd:router INFO Loaded router module.
Feb 5, 2024 @ 16:27:17.000 wazuh-modulesd:content_manager INFO Loaded content_manager module.
Feb 5, 2024 @ 16:27:22.000 wazuh-csyslogd INFO Remote syslog server not configured. Clean exit.
Feb 5, 2024 @ 16:27:22.000 wazuh-dbd INFO Database not configured. Clean exit.
Feb 5, 2024 @ 16:27:22.000 wazuh-integratord INFO Remote integrations not configured. Clean exit.
Feb 5, 2024 @ 16:27:22.000 wazuh-agentlessd INFO Not configured. Exiting.
Feb 5, 2024 @ 16:27:22.000 wazuh-authd INFO Started (pid: 487).
Feb 5, 2024 @ 16:27:22.000 wazuh-authd INFO Accepting connections on port 1515. Using password specified on file: etc/authd.pass
Feb 5, 2024 @ 16:27:22.000 wazuh-authd INFO Setting network timeout to 1.000000 sec.
Feb 5, 2024 @ 16:27:22.000 wazuh-db INFO Started (pid: 501).
Feb 5, 2024 @ 16:27:22.000 wazuh-execd INFO Started (pid: 524).
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd WARNING The check_unixaudit option is deprecated in favor of the SCA module.
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO Started (pid: 546).
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6003): Monitoring path: '/bin', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6003): Monitoring path: '/boot', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6003): Monitoring path: '/etc', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6003): Monitoring path: '/sbin', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6003): Monitoring path: '/usr/bin', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6003): Monitoring path: '/usr/sbin', with options 'size | permissions | owner | group | mtime | inode | hash_md5 | hash_sha1 | hash_sha256 | scheduled'.
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/mtab'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/hosts.deny'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/mail/statistics'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/random-seed'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/random.seed'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/adjtime'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/httpd/logs'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/utmpx'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/wtmpx'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/cups/certs'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/dumpdates'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/etc/svc/volatile'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/sys/kernel/security'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6206): Ignore 'file' entry '/sys/kernel/debug'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6004): No diff for file: '/etc/ssl/private.key'
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6000): Starting daemon...
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6010): File integrity monitoring scan frequency: 43200 seconds
Feb 5, 2024 @ 16:27:23.000 wazuh-syscheckd INFO (6008): File integrity monitoring scan started.
Feb 5, 2024 @ 16:27:23.000 wazuh-rootcheck INFO Starting rootcheck scan.
Feb 5, 2024 @ 16:27:23.000 wazuh-db INFO Created Global database backup "backup/db/global.db-backup-2024-02-05-19:27:23.gz"
Feb 5, 2024 @ 16:27:23.000 wazuh-remoted INFO Started (pid: 560). Listening on port 1514/TCP (secure).
Feb 5, 2024 @ 16:27:23.000 wazuh-remoted INFO (1410): Reading authentication keys file.
Feb 5, 2024 @ 16:27:24.000 wazuh-logcollector INFO Monitoring output of command(360): df -P
Feb 5, 2024 @ 16:27:24.000 wazuh-logcollector INFO Monitoring full output of command(360): netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d
Feb 5, 2024 @ 16:27:24.000 wazuh-logcollector INFO Monitoring full output of command(360): last -n 20
Feb 5, 2024 @ 16:27:24.000 wazuh-logcollector INFO (1950): Analyzing file: '/var/ossec/logs/active-responses.log'.
Feb 5, 2024 @ 16:27:24.000 wazuh-logcollector ERROR (1103): Could not open file '/var/log/syslog' due to [(2)-(No such file or directory)].
Feb 5, 2024 @ 16:27:24.000 wazuh-logcollector INFO (1950): Analyzing file: '/var/log/syslog'.
Feb 5, 2024 @ 16:27:24.000 wazuh-logcollector INFO (1950): Analyzing file: '/var/log/dpkg.log'.
Feb 5, 2024 @ 16:27:24.000 wazuh-logcollector INFO Started (pid: 596).
Feb 5, 2024 @ 16:27:24.000 wazuh-monitord INFO Started (pid: 614).
Feb 5, 2024 @ 16:27:25.000 wazuh-modulesd:router INFO Loaded router module.
Feb 5, 2024 @ 16:27:25.000 wazuh-modulesd:content_manager INFO Loaded content_manager module.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd INFO Started (pid: 626).
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:agent-upgrade INFO (8153): Module Agent Upgrade started.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:oscap INFO Module disabled. Exiting...
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:ciscat INFO Module disabled. Exiting...
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:osquery INFO Module disabled. Exiting...
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:task-manager INFO (8200): Module Task Manager started.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:router INFO Starting router module.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:vulnerability-scanner INFO Starting vulnerability_scanner module.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:content_manager INFO Starting content_manager module.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:database INFO Module started.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:download INFO Module started.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:control INFO Starting control thread.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:syscollector INFO Module started.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:syscollector INFO Starting evaluation.
Feb 5, 2024 @ 16:27:26.000 wazuh-modulesd:syscollector INFO Evaluation finished.
Feb 5, 2024 @ 16:27:30.000 wazuh-syscheckd INFO (6009): File integrity monitoring scan ended.
Feb 5, 2024 @ 16:27:31.000 wazuh-analysisd INFO Total rules enabled: '6786'
Feb 5, 2024 @ 16:27:31.000 wazuh-modulesd:content-updater INFO Starting scheduled action for 'vulnerability_feed_manager'
Feb 5, 2024 @ 16:27:31.000 wazuh-modulesd:content-updater INFO Action for 'vulnerability_feed_manager' started
Feb 5, 2024 @ 16:27:31.000 wazuh-analysisd INFO The option <queue_size> is deprecated and won't apply. Set up each queue size in the internal_options file.
Feb 5, 2024 @ 16:27:31.000 wazuh-analysisd INFO Started (pid: 536).
Feb 5, 2024 @ 16:27:31.000 wazuh-modulesd:content-updater INFO Action for 'vulnerability_feed_manager' finished
Feb 5, 2024 @ 16:27:33.000 wazuh-analysisd INFO (7200): Logtest started
Feb 5, 2024 @ 16:27:33.000 wazuh-analysisd INFO EPS limit disabled
Feb 5, 2024 @ 16:27:33.000 wazuh-syscheckd INFO FIM sync module started. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
During the E2E test of Kubernetes deployment, I found an issue with the Wazuh Manager.
It seems that for some reason some of the daemons fail to start, and that causes the API to become inaccessible, showing the following error
I tried restarting the manager without success
I will attach the logs
Full logs
Filtered warnings and errors
Tasks
Could not open fileerror logs. Delete syslog and dpkg log configuration wazuh-docker#1271 Delete syslog and dpkg log configuration wazuh-kubernetes#626Some Wazuh daemons are not ready yet in node \"wazuh-manager-master\" (wazuh-modulesd->failed)"log. Solved by Core here Changes to limit the memory usage in write/read operations with rocksdb. #22693The text was updated successfully, but these errors were encountered: