wazuh-modulesd WARNING Response buffer size limit reached.

23 views
Skip to first unread message

Robby Hunters

unread,
3:06 AM (19 hours ago) 3:06 AM
to Wazuh | Mailing List
Hi Wazuh Team,

I have an issue about  wazuh-modulesd WARNING  Response buffer size limit reached. in my wazuh, 

To address this issue, I have already increased the response buffer size by setting:

wazuh_modules.response_buffer_size=10485760 

However, the warning message is still appearing in the logs. Any recommended troubleshooting steps to properly resolve this warning?  

Thank you

Regards,
Robby
Message has been deleted
Message has been deleted

Md. Nazmur Sakib

unread,
3:51 AM (19 hours ago) 3:51 AM
to Wazuh | Mailing List

Hi Robby,


The "Response buffer size limit reached" warning appears in wazuh-modulesd when it generates results too large to fit in the transmission buffer.

I am unable to find the configuration you have mentioned. Can you share any reference to this configuration, like a document or the config file path?

I am discussing this with the internal team. I will get back to you soon.

Meanwhile, can you share the ossec.log from your agent or manager where you are getting this error? So that I can review them as well.

cat /var/ossec/logs/ossec.log | grep -i -E "error|warn"

Robby Hunters

unread,
4:07 AM (18 hours ago) 4:07 AM
to Wazuh | Mailing List
Hi Nazmur,

 Sorry... Since I couldn’t find a solution in the documentation, I asked ChatGPT, and it suggested adding the following configuration to:

/var/ossec/etc/internal_options.conf

However, I believe this guidance may be incorrect.

I am seeing the following error in the Wazuh manager logs:

Screenshot 2026-02-25 160313.png

Additionally, I notice there is a time mismatch in the logs and in the Wazuh real-time monitoring.

Thankyou,

Regards,

Robby  

Reply all
Reply to author
Forward
0 new messages