Ubuntu 22.04 Vulnerability Detection
825 views
Skip to first unread message
Agra Dwi Saputra
Oct 19, 2022, 10:32:27 PM10/19/22
to Wazuh mailing list
Hi Team,
I have Wazuh 4.3.5 running on AWS EKS.
I want to add Ubuntu 22.04 for vulnerability detection.
I try to add the config like this, when save it's shown error "Could not update configuration in specified node (1908) - Error validating configuration: Invalid Ubuntu version 'jammy', (1202): Configuration error at 'etc/ossec.conf'."
<vulnerability-detector>
<enabled>yes</enabled>
<interval>5m</interval>
<ignore_time>6h</ignore_time>
<run_on_start>yes</run_on_start>
<!-- Ubuntu OS vulnerabilities -->
<provider name="canonical">
<enabled>yes</enabled>
<os>trusty</os>
<os>xenial</os>
<os>bionic</os>
<os>focal</os>
<os>jammy</os>
<update_interval>1h</update_interval>
</provider>
</vulnerability-detector>
Has anyone here experienced it? And can someone help me with this?
Thank you
Best Regards,
Agra Ds
I have Wazuh 4.3.5 running on AWS EKS.
I want to add Ubuntu 22.04 for vulnerability detection.
I try to add the config like this, when save it's shown error "Could not update configuration in specified node (1908) - Error validating configuration: Invalid Ubuntu version 'jammy', (1202): Configuration error at 'etc/ossec.conf'."
<vulnerability-detector>
<enabled>yes</enabled>
<interval>5m</interval>
<ignore_time>6h</ignore_time>
<run_on_start>yes</run_on_start>
<!-- Ubuntu OS vulnerabilities -->
<provider name="canonical">
<enabled>yes</enabled>
<os>trusty</os>
<os>xenial</os>
<os>bionic</os>
<os>focal</os>
<os>jammy</os>
<update_interval>1h</update_interval>
</provider>
</vulnerability-detector>
Has anyone here experienced it? And can someone help me with this?
Thank you
Best Regards,
Agra Ds
elw...@wazuh.com
Oct 20, 2022, 3:20:22 AM10/20/22
to Wazuh mailing list
Hello Agra,
The compatibility for Jammy was introduced in Wazuh version 4.3.6 https://github.com/wazuh/wazuh/blob/master/CHANGELOG.md#v436---2022-07-20.
I hope this helps.
Regards,
Wali
The compatibility for Jammy was introduced in Wazuh version 4.3.6 https://github.com/wazuh/wazuh/blob/master/CHANGELOG.md#v436---2022-07-20.
I hope this helps.
Regards,
Wali
Agra Dwi Saputra
Oct 20, 2022, 8:57:19 AM10/20/22
to elw...@wazuh.com, Wazuh mailing list
Hi Wali,
Thanks.
Thanks.
To upgrade from version 4.3.5 to 4.3.6 or latest (4.3.9) on the kubernetes environment (AWS EKS) is it just changing the image version according to this documentation?
Thank you
Best Regards,
Agra Ds
Agra Ds
--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/5cd944c9-4f97-4c4f-9fe4-19cbee11a1e2n%40googlegroups.com.
elw...@wazuh.com
Oct 24, 2022, 4:04:29 AM10/24/22
to Wazuh mailing list
Hello Agra,
Indeed, following that guide should help you to upgrade your Wazuh environment.
Regards,
Wali
Indeed, following that guide should help you to upgrade your Wazuh environment.
Regards,
Wali
Agra Dwi Saputra
Oct 25, 2022, 3:01:25 AM10/25/22
to Wazuh mailing list
Thank Wali for the confirmation.
I will try to upgrade.
Thank you
Best Regards,
I will try to upgrade.
Thank you
Best Regards,
Agra Ds
Fl Passelerg
Jan 12, 2023, 12:14:44 PM1/12/23
to Wazuh mailing list
Hello
I have the same problem with the vulnerability detection when I add an OS "Kali Linux"
I follow exactly the documentation allow os
but when I want to save my configuration , I have this message :
Could not update configuration (1908) - Error validating configuration: Invalid Ubuntu version 'debian', (1202): Configuration error at 'etc/ossec.conf'.
My configuration is :
<!-- Ubuntu OS vulnerabilities -->
<provider name="canonical">
<enabled>yes</enabled>
<os>trusty</os>
<os>xenial</os>
<os>bionic</os>
<os>focal</os>
<os>jammy</os>
<provider name="canonical">
<enabled>yes</enabled>
<os>trusty</os>
<os>xenial</os>
<os>bionic</os>
<os>focal</os>
<os>jammy</os>
<os allow="Kali GNU/Linux">debian</os> (I try
<os allow="Kali GNU/Linux-2022">debian</os> but It's the same pb)
<update_interval>1h</update_interval>
</provider>
<update_interval>1h</update_interval>
</provider>
My version is 4.3.10
I have several Kali linux machine with this OS
Linux kaliLatitude 5.18.0-kali5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali6 (2022-07-07) x86_64 GNU/Linux
and the logs in DEBUG MODE show me that my agent has an unupported OS :
Jan 12, 2023 @ 19:05:40.000 wazuh-modulesd:vulnerability-detector INFO (5431): Starting vulnerability scan.
Jan 12, 2023 @ 19:05:40.000 wazuh-modulesd:vulnerability-detector DEBUG (5485): Agent '003' has an unsupported OS: 'Kali GNU/Linux'
Jan 12, 2023 @ 19:05:40.000 wazuh-modulesd:vulnerability-detector DEBUG (5485): Agent '006' has an unsupported OS: 'Kali GNU/Linux'
Thanks for your precious help
Florence
Reply all
Reply to author
Forward
Message has been deleted
0 new messages