To address this issue, I have already increased the response buffer size by setting:
Hi Robby,
The "Response buffer size limit reached" warning appears in wazuh-modulesd when it generates results too large to fit in the transmission buffer.
I am unable to find the configuration you have mentioned. Can you share any reference to this configuration, like a document or the config file path?
I am discussing this with the internal team. I will get back to you soon.
Meanwhile, can you share the ossec.log from your agent or manager where you are getting this error? So that I can review them as well.
cat /var/ossec/logs/ossec.log | grep -i -E "error|warn"
/var/ossec/etc/internal_options.conf
However, I believe this guidance may be incorrect.
I am seeing the following error in the Wazuh manager logs:

Additionally, I notice there is a time mismatch in the logs and in the Wazuh real-time monitoring.
Thankyou,
Regards,
Robby