No logs anymore
88 views
Skip to first unread message
Matthias Appelmans
Apr 17, 2024, 5:49:28 AMApr 17
to Wazuh | Mailing List
hi all,
All of a sudden my logs stopped coming in the dashboard. They still come into archives.log, but not in the UI dashboard. anymore.
What can be the cause of that?
Regards
Antonio Kim (Wazuh)
Apr 17, 2024, 6:03:52 AMApr 17
to Wazuh | Mailing List
Hi Matthias!
Thanks for using Wazuh.
Let's see together what may be happening in your system.
I ask you to please send me the result of the following commands:
Manager
filebeat test output
cat /var/log/filebeat/filebeat | grep -i -E "error|warn"
cat /var/ossec/logs/ossec.log | grep -i -E "error|warn"
Dashboard
journalctl -u wazuh-dashboard
cat /usr/share/wazuh-dashboard/data/wazuh/logs/wazuhapp.log | grep -i -E "error|warn"
Indexer
cat /var/log/wazuh-indexer/wazuh-cluster.log | grep -i -E "error|warn"
Antonio
Thanks for using Wazuh.
Let's see together what may be happening in your system.
I ask you to please send me the result of the following commands:
Manager
filebeat test output
cat /var/log/filebeat/filebeat | grep -i -E "error|warn"
cat /var/ossec/logs/ossec.log | grep -i -E "error|warn"
Dashboard
journalctl -u wazuh-dashboard
cat /usr/share/wazuh-dashboard/data/wazuh/logs/wazuhapp.log | grep -i -E "error|warn"
Indexer
cat /var/log/wazuh-indexer/wazuh-cluster.log | grep -i -E "error|warn"
Antonio
Antonio Kim (Wazuh)
Apr 17, 2024, 6:44:17 AMApr 17
to Wazuh | Mailing List
The problem may be related to a failure in the connection of the dashboard with the rest of the components or it is most likely that the shards level has been reached
Matthias Appelmans
Apr 17, 2024, 7:15:30 AMApr 17
to Wazuh | Mailing List
Perhaps something with this?
cat /var/log/wazuh-indexer/wazuh-cluster.log | grep -i -E "error|warn"
[2024-04-17T12:22:28,888][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 427mb[1%], all indices on this node will be marked read-only
[2024-04-17T12:22:58,890][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 413.8mb[1%], all indices on this node will be marked read-only
[2024-04-17T12:23:28,893][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 400mb[1%], all indices on this node will be marked read-only
[2024-04-17T12:23:58,895][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 387.7mb[0.9%], all indices on this node will be marked read-only
[2024-04-17T12:24:28,899][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 373.5mb[0.9%], all indices on this node will be marked read-only
[2024-04-17T12:24:58,903][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 359.7mb[0.9%], all indices on this node will be marked read-only
[2024-04-17T12:25:28,906][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 345.4mb[0.8%], all indices on this node will be marked read-only
[2024-04-17T12:25:58,908][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 332.4mb[0.8%], all indices on this node will be marked read-only
[2024-04-17T12:26:28,911][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 318.7mb[0.8%], all indices on this node will be marked read-only
[2024-04-17T12:26:58,913][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 304.9mb[0.7%], all indices on this node will be marked read-only
[2024-04-17T12:27:28,916][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 290.9mb[0.7%], all indices on this node will be marked read-only
[2024-04-17T12:27:58,919][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 277.3mb[0.7%], all indices on this node will be marked read-only
[2024-04-17T12:28:28,922][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 262.4mb[0.6%], all indices on this node will be marked read-only
[2024-04-17T12:28:58,924][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 249.2mb[0.6%], all indices on this node will be marked read-only
[2024-04-17T12:29:28,927][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 234.9mb[0.5%], all indices on this node will be marked read-only
[2024-04-17T12:29:58,930][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 222.2mb[0.5%], all indices on this node will be marked read-only
[2024-04-17T12:30:28,932][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 208.8mb[0.5%], all indices on this node will be marked read-only
[2024-04-17T12:30:58,935][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 195.7mb[0.4%], all indices on this node will be marked read-only
[2024-04-17T12:31:28,938][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 181.9mb[0.4%], all indices on this node will be marked read-only
[2024-04-17T12:31:58,941][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 167.8mb[0.4%], all indices on this node will be marked read-only
[2024-04-17T12:32:28,943][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 153.6mb[0.3%], all indices on this node will be marked read-only
[2024-04-17T12:32:58,592][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [OlsQsGw4Sy-IEgt0OyooeQ#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,592][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [satPu01PSLWtwtGRSBzmSw#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [Gkikwdr7SlaxoIGHjys4jw#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [RXov812ZT1uEW4jTgtMbRA#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [mF2wp2E9TKqcZr8BrsIALg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [azy8pVV3TpaXast--FF7hg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [j5Idj9i3Q3qoNPkmI7-K0A#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [yMV5qWWfT26XAISQ-WEjJg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [CfYYrr24SsqbkNbS2XcE0Q#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [LmR6fUbsTdObpQ9XY2ut0g#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [H2yMoXO3SPu-cGomTqSOgg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [0f4HjYE6Rzmkvwfiei_0Cg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [rJzvXWHkRX6PmV_DIpqA_w#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [iVrey3msTPqfTb5boFbcyA#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [jqNK3qXcR7O86oIkVoXsyw#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [13gzuzqASduFZymuonP9RA#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [TXTbu9RlQeqVhVYQ3WVu2Q#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [qsdbMoyaQfWx_m2YOPWCYA#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [x_ywxsi7TLC-bJIxBWRgMg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,947][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 140.3mb[0.3%], all indices on this node will be marked read-only
[2024-04-17T12:33:28,951][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 126.2mb[0.3%], all indices on this node will be marked read-only
[2024-04-17T12:33:58,953][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 113.1mb[0.2%], all indices on this node will be marked read-only
[2024-04-17T12:34:28,955][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 98.9mb[0.2%], all indices on this node will be marked read-only
[2024-04-17T12:34:58,957][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 85.6mb[0.2%], all indices on this node will be marked read-only
[2024-04-17T12:35:28,960][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 72.1mb[0.1%], all indices on this node will be marked read-only
[2024-04-17T12:35:58,963][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 59.7mb[0.1%], all indices on this node will be marked read-only
[2024-04-17T12:36:28,966][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 45.5mb[0.1%], all indices on this node will be marked read-only
[2024-04-17T12:36:58,968][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 31.6mb[0%], all indices on this node will be marked read-only
[2024-04-17T12:37:28,971][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 17.2mb[0%], all indices on this node will be marked read-only
[2024-04-17T12:37:58,973][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 3.7mb[0%], all indices on this node will be marked read-only
[2024-04-17T12:38:28,975][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 0b[0%], all indices on this node will be marked read-only
[2024-04-17T12:38:57,154][ERROR][o.o.m.f.FsHealthService ] [node-1] health check of [/var/lib/wazuh-indexer/nodes/0] failed
[2024-04-17T12:38:58,981][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 0b[0%], all indices on this node will be marked read-only
[2024-04-17T12:22:58,890][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 413.8mb[1%], all indices on this node will be marked read-only
[2024-04-17T12:23:28,893][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 400mb[1%], all indices on this node will be marked read-only
[2024-04-17T12:23:58,895][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 387.7mb[0.9%], all indices on this node will be marked read-only
[2024-04-17T12:24:28,899][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 373.5mb[0.9%], all indices on this node will be marked read-only
[2024-04-17T12:24:58,903][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 359.7mb[0.9%], all indices on this node will be marked read-only
[2024-04-17T12:25:28,906][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 345.4mb[0.8%], all indices on this node will be marked read-only
[2024-04-17T12:25:58,908][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 332.4mb[0.8%], all indices on this node will be marked read-only
[2024-04-17T12:26:28,911][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 318.7mb[0.8%], all indices on this node will be marked read-only
[2024-04-17T12:26:58,913][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 304.9mb[0.7%], all indices on this node will be marked read-only
[2024-04-17T12:27:28,916][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 290.9mb[0.7%], all indices on this node will be marked read-only
[2024-04-17T12:27:58,919][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 277.3mb[0.7%], all indices on this node will be marked read-only
[2024-04-17T12:28:28,922][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 262.4mb[0.6%], all indices on this node will be marked read-only
[2024-04-17T12:28:58,924][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 249.2mb[0.6%], all indices on this node will be marked read-only
[2024-04-17T12:29:28,927][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 234.9mb[0.5%], all indices on this node will be marked read-only
[2024-04-17T12:29:58,930][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 222.2mb[0.5%], all indices on this node will be marked read-only
[2024-04-17T12:30:28,932][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 208.8mb[0.5%], all indices on this node will be marked read-only
[2024-04-17T12:30:58,935][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 195.7mb[0.4%], all indices on this node will be marked read-only
[2024-04-17T12:31:28,938][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 181.9mb[0.4%], all indices on this node will be marked read-only
[2024-04-17T12:31:58,941][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 167.8mb[0.4%], all indices on this node will be marked read-only
[2024-04-17T12:32:28,943][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 153.6mb[0.3%], all indices on this node will be marked read-only
[2024-04-17T12:32:58,592][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [OlsQsGw4Sy-IEgt0OyooeQ#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,592][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [satPu01PSLWtwtGRSBzmSw#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [Gkikwdr7SlaxoIGHjys4jw#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [RXov812ZT1uEW4jTgtMbRA#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [mF2wp2E9TKqcZr8BrsIALg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [azy8pVV3TpaXast--FF7hg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [j5Idj9i3Q3qoNPkmI7-K0A#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,593][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [yMV5qWWfT26XAISQ-WEjJg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [CfYYrr24SsqbkNbS2XcE0Q#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [LmR6fUbsTdObpQ9XY2ut0g#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [H2yMoXO3SPu-cGomTqSOgg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [0f4HjYE6Rzmkvwfiei_0Cg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [rJzvXWHkRX6PmV_DIpqA_w#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,594][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [iVrey3msTPqfTb5boFbcyA#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [jqNK3qXcR7O86oIkVoXsyw#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [13gzuzqASduFZymuonP9RA#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [TXTbu9RlQeqVhVYQ3WVu2Q#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [qsdbMoyaQfWx_m2YOPWCYA#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,595][ERROR][o.o.i.i.ManagedIndexCoordinator] [node-1] Failed to clear ManagedIndexMetadata for index uuid: [x_ywxsi7TLC-bJIxBWRgMg#metadata], failureMessage: ClusterBlockException[index [.opendistro-ism-config] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block];]
[2024-04-17T12:32:58,947][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 140.3mb[0.3%], all indices on this node will be marked read-only
[2024-04-17T12:33:28,951][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 126.2mb[0.3%], all indices on this node will be marked read-only
[2024-04-17T12:33:58,953][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 113.1mb[0.2%], all indices on this node will be marked read-only
[2024-04-17T12:34:28,955][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 98.9mb[0.2%], all indices on this node will be marked read-only
[2024-04-17T12:34:58,957][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 85.6mb[0.2%], all indices on this node will be marked read-only
[2024-04-17T12:35:28,960][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 72.1mb[0.1%], all indices on this node will be marked read-only
[2024-04-17T12:35:58,963][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 59.7mb[0.1%], all indices on this node will be marked read-only
[2024-04-17T12:36:28,966][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 45.5mb[0.1%], all indices on this node will be marked read-only
[2024-04-17T12:36:58,968][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 31.6mb[0%], all indices on this node will be marked read-only
[2024-04-17T12:37:28,971][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 17.2mb[0%], all indices on this node will be marked read-only
[2024-04-17T12:37:58,973][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 3.7mb[0%], all indices on this node will be marked read-only
[2024-04-17T12:38:28,975][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 0b[0%], all indices on this node will be marked read-only
[2024-04-17T12:38:57,154][ERROR][o.o.m.f.FsHealthService ] [node-1] health check of [/var/lib/wazuh-indexer/nodes/0] failed
[2024-04-17T12:38:58,981][WARN ][o.o.c.r.a.DiskThresholdMonitor] [node-1] flood stage disk watermark [95%] exceeded on [IJiTyLpfScChtARL8NEzyw][node-1][/var/lib/wazuh-indexer/nodes/0] free: 0b[0%], all indices on this node will be marked read-only
Op woensdag 17 april 2024 om 12:44:17 UTC+2 schreef Antonio Kim (Wazuh):
Matthias Appelmans
Apr 17, 2024, 7:39:26 AMApr 17
to Wazuh | Mailing List
Now I can't even start/restart the wazuh manager anymore
Op woensdag 17 april 2024 om 13:15:30 UTC+2 schreef Matthias Appelmans:
Antonio Kim (Wazuh)
Apr 17, 2024, 7:51:37 AMApr 17
to Wazuh | Mailing List
What is the message you have when you try restarting it?
Matthias Appelmans
Apr 17, 2024, 7:54:22 AMApr 17
to Wazuh | Mailing List
root@WAZUH-VM:/home/matthias# systemctl restart wazuh-manager
Job for wazuh-manager.service failed because the control process exited with error code.
See "systemctl status wazuh-manager.service" and "journalctl -xeu wazuh-manager.service" for details.
Job for wazuh-manager.service failed because the control process exited with error code.
See "systemctl status wazuh-manager.service" and "journalctl -xeu wazuh-manager.service" for details.
journalctl -xeu wazuh-manager.service output:
apr 17 13:51:37 WAZUH-VM env[1262]: wazuh-apid: Non existent process 916, removing from /var/ossec/var/run...
apr 17 13:51:37 WAZUH-VM env[1263]: wazuh-apid: Non existent process 916, removing from /var/ossec/var/run...
apr 17 13:51:37 WAZUH-VM env[1264]: wazuh-apid: Non existent process 916, removing from /var/ossec/var/run...
apr 17 13:51:47 WAZUH-VM env[1207]: wazuh-apid did not start correctly.
apr 17 13:51:47 WAZUH-VM systemd[1]: wazuh-manager.service: Control process exited, code=exited, status=1/FAILURE
Op woensdag 17 april 2024 om 13:51:37 UTC+2 schreef Antonio Kim (Wazuh):
Antonio Kim (Wazuh)
Apr 17, 2024, 7:55:54 AMApr 17
to Wazuh | Mailing List
[2024-04-17T12:32:58,592][ERROR][o.o.i.i.ManagedIndexCoordinator]
[node-1] Failed to clear ManagedIndexMetadata for index uuid:
[OlsQsGw4Sy-IEgt0OyooeQ#metadata], failureMessage:
ClusterBlockException[index [.opendistro-ism-config] blocked by:
[TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index
has read-only-allow-delete block];]
It
looks like you don't have enough disk space. When you are low on disk,
the indexer could reach the flood-stage disk usage watermark, and
depending on the situation, if it affects system indices, some features
may become unavailable (login, searching, indexing, etc).
You need to add more space to your disk or free up space.
If you can remove indices, just access your node server and use the indexer API to remove some indices:
- curl -k -u user:pass -XDELETE 'http://localhost:9200/<index name>' (you can use wildcards like wazuh-alerts-*)
- Reference: https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-delete-index.html
What
version of Wazuh are you using? Do you have wazuh-indexer,
Elasticsearch, Opendistro? Do you have a cluster or only 1 node for the
indexer?
I hope it helps.
Antonio Kim (Wazuh)
Apr 17, 2024, 8:02:52 AMApr 17
to Wazuh | Mailing List
Can you bring me the result of: cat /var/ossec/logs/ossec.log | grep -i -E "error|warn"
I wish to check why the manager is not being able to restart...
Antonio
Matthias Appelmans
Apr 17, 2024, 8:04:49 AMApr 17
to Wazuh | Mailing List
I added more diskspace for my vm.
I'm using wazuh v4.7.2 OVA installation with opensearch
apr 17 14:01:26 WAZUH-VM env[1214]: Starting Wazuh v4.7.2...
apr 17 14:01:29 WAZUH-VM env[1275]: wazuh-apid: Non existent process 1142, removing from /var/ossec/var/run...
apr 17 14:01:29 WAZUH-VM env[1276]: wazuh-apid: Non existent process 1142, removing from /var/ossec/var/run...
apr 17 14:01:29 WAZUH-VM env[1277]: wazuh-apid: Non existent process 1142, removing from /var/ossec/var/run...
apr 17 14:01:39 WAZUH-VM env[1214]: wazuh-apid did not start correctly.
apr 17 14:01:39 WAZUH-VM systemd[1]: wazuh-manager.service: Control process exited, code=exited, status=1/FAILURE
I still can't restart the manager though. something with a wazuh-apid?
apr 17 14:01:26 WAZUH-VM env[1214]: Starting Wazuh v4.7.2...
apr 17 14:01:29 WAZUH-VM env[1275]: wazuh-apid: Non existent process 1142, removing from /var/ossec/var/run...
apr 17 14:01:29 WAZUH-VM env[1276]: wazuh-apid: Non existent process 1142, removing from /var/ossec/var/run...
apr 17 14:01:29 WAZUH-VM env[1277]: wazuh-apid: Non existent process 1142, removing from /var/ossec/var/run...
apr 17 14:01:39 WAZUH-VM env[1214]: wazuh-apid did not start correctly.
apr 17 14:01:39 WAZUH-VM systemd[1]: wazuh-manager.service: Control process exited, code=exited, status=1/FAILURE
Op woensdag 17 april 2024 om 13:55:54 UTC+2 schreef Antonio Kim (Wazuh):
Matthias Appelmans
Apr 17, 2024, 8:05:49 AMApr 17
to Wazuh | Mailing List
Output
cat /var/ossec/logs/ossec.log | grep -i -E "error|warn"
2024/04/17 11:00:58 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:58 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:58 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:01:01 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 11:01:05 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:01:05 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:01:05 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:01:05 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:01:06 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 11:01:09 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:06:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:06:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:11:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:11:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:16:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:16:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:21:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:21:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:26:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:26:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:31:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:31:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:35:02 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:02 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:02 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:02 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:35:04 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:04 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:04 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:04 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:35:06 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 11:35:09 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:09 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:09 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:10 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:35:11 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 11:35:13 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:36:03 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:03 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:03 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:04 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:36:05 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:05 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:05 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:05 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:36:07 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 11:36:10 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:10 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:10 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:11 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:36:13 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 11:36:14 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:41:42 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:42 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:42 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:43 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:41:46 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:46 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:46 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:47 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:41:55 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 11:42:00 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:42:00 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:42:00 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:42:00 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 11:42:03 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:42:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:42:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:47:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:47:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:52:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:52:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:57:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:57:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:02:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:02:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:07:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:07:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:12:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:12:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:17:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:17:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:22:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:22:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:27:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:27:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:32:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:32:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:37:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:37:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:38:17 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:17 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:17 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:17 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:18 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:18 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:18 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:18 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:19 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:19 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:19 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:19 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:19 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:19 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:19 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:42:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:42:28 wazuh-db: ERROR: Deleting old information from 'sys_hwinfo' table: database or disk is full
2024/04/17 12:42:28 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:28 wazuh-db: ERROR: Deleting old information from 'sys_osinfo' table: database or disk is full
2024/04/17 12:42:28 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:28 wazuh-db: ERROR: at wdb_netinfo_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:28 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:30 wazuh-db: ERROR: at wdb_port_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:30 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:31 wazuh-db: ERROR: at wdb_port_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:31 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:32 wazuh-db: ERROR: at wdb_port_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:32 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:33 wazuh-db: ERROR: at wdb_port_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:33 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:40 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:40 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:40 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:40 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:40 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:40 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:42 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:42 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:42 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:42 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:42 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:42 wazuh-analysisd: ERROR: dbsync: 2024/04/17 12:47:07 wazuh-modulesd:vulnerability-detector: INFO: (5431): Starting vulnerability scan.
2024/04/17 12:47:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:47:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:52:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:52:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:52:11 wazuh-db: ERROR: Cannot set connection_status for agent 3
2024/04/17 12:52:11 wazuh-db: ERROR: Cannot set connection_status for agent 7
2024/04/17 12:52:11 wazuh-db: ERROR: Cannot set connection_status for agent 8
2024/04/17 12:55:30 wazuh-db: ERROR: Deleting old information from 'sys_hwinfo' table: database or disk is full
2024/04/17 12:55:30 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:30 wazuh-db: ERROR: Deleting old information from 'sys_osinfo' table: database or disk is full
2024/04/17 12:55:30 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:30 wazuh-db: ERROR: at wdb_netinfo_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:30 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:42 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:42 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:43 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:43 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:45 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:45 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:47 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:47 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:48 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:48 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:50 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:50 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:50 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:50 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:50 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:50 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:50 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full2024/04/17 12:57:08 wazuh-modulesd:vulnerability-detector: INFO: (5431): Starting vulnerability scan.
2024/04/17 12:57:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:57:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:02:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 13:02:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:02:11 wazuh-db: ERROR: Cannot set connection_status for agent 3
2024/04/17 13:02:11 wazuh-db: ERROR: Cannot set connection_status for agent 7
2024/04/17 13:02:11 wazuh-db: ERROR: Cannot set connection_status for agent 8
2024/04/17 13:07:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 13:07:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:12:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 13:12:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:12:11 wazuh-db: ERROR: Cannot set connection_status for agent 3
2024/04/17 13:12:11 wazuh-db: ERROR: Cannot set connection_status for agent 7
2024/04/17 13:12:11 wazuh-db: ERROR: Cannot set connection_status for agent 8
2024/04/17 13:17:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 13:17:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:18:08 wazuh-analysisd: ERROR: Read error on queue/diff/WAZUH-VM/535/last-entry: file empty.
2024/04/17 13:20:48 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:48 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:48 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:49 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 13:20:50 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:50 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:50 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:50 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 13:22:21 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:21 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:21 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:23 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:23 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:23 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:26:58 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:26:58 wazuh-analysisd: WARNING: (72024/04/17 13:26:59 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:26:59 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:26:59 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:29:59 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:29:59 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:29:59 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:00 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:00 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:00 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:43 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:43 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:43 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:45 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:45 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:45 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:51 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:51 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:51 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:53 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:53 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:53 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:50 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:50 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:50 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:52 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:52 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:52 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:50:15 wazuh-analysisd: WARNING: (7613): Rule ID2024/04/17 13:50:17 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:50:17 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:50:17 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:01 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:01 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:01 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:03 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:03 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:03 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:33 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:33 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:33 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:35 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:35 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:35 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:18 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:18 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:18 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:19 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:19 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:19 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:32 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:32 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:32 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:33 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:33 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:33 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:00:27 wazuh-analysisd: WARNING: (7613): Rule ID2024/04/17 14:00:30 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:00:30 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:00:30 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:25 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:25 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:25 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:27 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:27 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:27 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:58 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:58 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:58 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:01:01 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 11:01:05 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:01:05 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:01:05 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:01:05 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:01:06 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 11:01:09 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:06:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:06:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:11:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:11:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:16:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:16:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:21:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:21:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:26:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:26:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:31:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:31:10 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:35:02 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:02 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:02 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:02 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:35:04 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:04 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:04 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:04 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:35:06 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 11:35:09 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:09 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:09 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:35:10 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:35:11 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 11:35:13 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:36:03 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:03 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:03 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:04 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:36:05 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:05 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:05 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:05 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:36:07 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 11:36:10 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:10 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:10 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:36:11 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:36:13 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 11:36:14 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:41:42 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:42 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:42 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:43 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:41:46 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:46 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:46 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:41:47 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:41:55 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 11:42:00 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:42:00 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:42:00 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:42:00 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 11:42:03 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:42:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:42:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:47:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:47:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:52:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:52:06 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:57:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 11:57:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:02:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:02:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:07:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:07:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:12:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:12:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:17:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:17:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:22:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:22:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:27:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:27:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:32:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:32:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:37:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:37:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:38:17 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:17 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:17 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:17 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:18 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:18 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:18 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:18 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:19 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:19 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:19 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:19 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:19 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:38:19 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:38:19 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:42:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:42:28 wazuh-db: ERROR: Deleting old information from 'sys_hwinfo' table: database or disk is full
2024/04/17 12:42:28 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:28 wazuh-db: ERROR: Deleting old information from 'sys_osinfo' table: database or disk is full
2024/04/17 12:42:28 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:28 wazuh-db: ERROR: at wdb_netinfo_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:28 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:30 wazuh-db: ERROR: at wdb_port_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:30 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:31 wazuh-db: ERROR: at wdb_port_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:31 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:32 wazuh-db: ERROR: at wdb_port_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:32 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:33 wazuh-db: ERROR: at wdb_port_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:33 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:40 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:40 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:40 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:40 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:40 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:40 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:42 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:42 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:42 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:42 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:42:42 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:42:42 wazuh-analysisd: ERROR: dbsync: 2024/04/17 12:47:07 wazuh-modulesd:vulnerability-detector: INFO: (5431): Starting vulnerability scan.
2024/04/17 12:47:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:47:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:52:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:52:07 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 12:52:11 wazuh-db: ERROR: Cannot set connection_status for agent 3
2024/04/17 12:52:11 wazuh-db: ERROR: Cannot set connection_status for agent 7
2024/04/17 12:52:11 wazuh-db: ERROR: Cannot set connection_status for agent 8
2024/04/17 12:55:30 wazuh-db: ERROR: Deleting old information from 'sys_hwinfo' table: database or disk is full
2024/04/17 12:55:30 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:30 wazuh-db: ERROR: Deleting old information from 'sys_osinfo' table: database or disk is full
2024/04/17 12:55:30 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:30 wazuh-db: ERROR: at wdb_netinfo_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:30 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:42 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:42 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:43 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:43 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:45 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:45 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:47 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:47 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:48 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:48 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:50 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:50 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:50 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:50 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:50 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full
2024/04/17 12:55:50 wazuh-analysisd: ERROR: dbsync: Bad response from database: Cannot save Syscollector
2024/04/17 12:55:50 wazuh-db: ERROR: at wdb_process_insert(): sqlite3_step(): database or disk is full2024/04/17 12:57:08 wazuh-modulesd:vulnerability-detector: INFO: (5431): Starting vulnerability scan.
2024/04/17 12:57:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 12:57:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:02:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 13:02:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:02:11 wazuh-db: ERROR: Cannot set connection_status for agent 3
2024/04/17 13:02:11 wazuh-db: ERROR: Cannot set connection_status for agent 7
2024/04/17 13:02:11 wazuh-db: ERROR: Cannot set connection_status for agent 8
2024/04/17 13:07:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 13:07:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:12:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 13:12:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:12:11 wazuh-db: ERROR: Cannot set connection_status for agent 3
2024/04/17 13:12:11 wazuh-db: ERROR: Cannot set connection_status for agent 7
2024/04/17 13:12:11 wazuh-db: ERROR: Cannot set connection_status for agent 8
2024/04/17 13:17:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 13:17:08 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 13:18:08 wazuh-analysisd: ERROR: Read error on queue/diff/WAZUH-VM/535/last-entry: file empty.
2024/04/17 13:20:48 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:48 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:48 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:49 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 13:20:50 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:50 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:50 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:20:50 wazuh-testrule: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 13:22:21 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:21 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:21 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:23 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:23 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:22:23 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:26:58 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:26:58 wazuh-analysisd: WARNING: (72024/04/17 13:26:59 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:26:59 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:26:59 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:29:59 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:29:59 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:29:59 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:00 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:00 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:00 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:43 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:43 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:43 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:45 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:45 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:30:45 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:51 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:51 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:51 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:53 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:53 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:38:53 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:50 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:50 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:50 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:52 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:52 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:43:52 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:50:15 wazuh-analysisd: WARNING: (7613): Rule ID2024/04/17 13:50:17 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:50:17 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:50:17 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:01 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:01 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:01 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:03 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:03 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:03 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:33 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:33 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:33 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:35 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:35 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:51:35 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:18 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:18 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:18 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:19 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:19 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:53:19 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:32 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:32 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:32 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:33 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:33 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 13:54:33 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:00:27 wazuh-analysisd: WARNING: (7613): Rule ID2024/04/17 14:00:30 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:00:30 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:00:30 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:25 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:25 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:25 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:27 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:27 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:01:27 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
Op woensdag 17 april 2024 om 14:04:49 UTC+2 schreef Matthias Appelmans:
Antonio Kim (Wazuh)
Apr 17, 2024, 8:44:55 AMApr 17
to Wazuh | Mailing List
As I had mentioned previously, it seems that the disk for wazuh has been filled.
I would recommend following this documentation:
https://groups.google.com/g/wazuh/c/6C7N80kDCR0
and see if by extending the disk capacity you can restart the manager.
After restarting it, we will have to see if making backups and deleting files for its proper functioning.
I would recommend following this documentation:
https://groups.google.com/g/wazuh/c/6C7N80kDCR0
and see if by extending the disk capacity you can restart the manager.
After restarting it, we will have to see if making backups and deleting files for its proper functioning.
Matthias Appelmans
Apr 17, 2024, 8:47:52 AMApr 17
to Wazuh | Mailing List
I expanded it when you told me to, I added 150GB more, still unable to restart :D
Op woensdag 17 april 2024 om 14:44:55 UTC+2 schreef Antonio Kim (Wazuh):
Antonio Kim (Wazuh)
Apr 17, 2024, 9:02:39 AMApr 17
to Wazuh | Mailing List
Can you bring me the result of: cat /var/ossec/logs/ossec.log | grep -i -E "error|warn"
Matthias Appelmans
Apr 17, 2024, 9:07:57 AMApr 17
to Wazuh | Mailing List
2024/04/17 10:22:47 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:22:47 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:24:01 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:24:01 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:24:01 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:24:01 wazuh-analysisd: ERROR: (1226): Error reading XML file 'ruleset/rules/barracuda_custom_rules.xml': XMLERR: Element not opened. (line 14).
2024/04/17 10:24:01 wazuh-analysisd: CRITICAL: (1220): Error loading the rules: 'ruleset/rules/barracuda_custom_rules.xml'.
2024/04/17 10:25:46 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:25:46 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:25:46 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:25:47 wazuh-analysisd: ERROR: (1226): Error reading XML file 'ruleset/rules/barracuda_custom_rules.xml': XMLERR: Element not opened. (line 14).
2024/04/17 10:25:47 wazuh-analysisd: CRITICAL: (1220): Error loading the rules: 'ruleset/rules/barracuda_custom_rules.xml'.
2024/04/17 10:26:02 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:02 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:02 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:04 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:04 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:04 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:07 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 10:26:10 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:10 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:10 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:11 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 10:26:13 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:26:13 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:28:06 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:06 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:06 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:07 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:07 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:07 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:10 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 10:28:14 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:14 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:14 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:17 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 10:28:20 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:33:21 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:33:21 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:35:45 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:45 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:45 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:46 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:46 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:46 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:49 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 10:35:53 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:53 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:53 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:55 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 10:35:57 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:40:58 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:40:58 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:45:59 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:45:59 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:50:59 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:50:59 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:54:13 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:13 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:13 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:15 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:15 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:15 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:17 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 10:54:19 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:19 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:19 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:22 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 10:54:24 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:59:25 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:59:25 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:00:56 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:56 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:56 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:57 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:00:58 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.2024/04/17 14:14:28 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:28 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:28 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:29 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:29 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:29 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:08 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:08 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:08 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:22:47 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:24:01 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:24:01 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:24:01 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:24:01 wazuh-analysisd: ERROR: (1226): Error reading XML file 'ruleset/rules/barracuda_custom_rules.xml': XMLERR: Element not opened. (line 14).
2024/04/17 10:24:01 wazuh-analysisd: CRITICAL: (1220): Error loading the rules: 'ruleset/rules/barracuda_custom_rules.xml'.
2024/04/17 10:25:46 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:25:46 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:25:46 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:25:47 wazuh-analysisd: ERROR: (1226): Error reading XML file 'ruleset/rules/barracuda_custom_rules.xml': XMLERR: Element not opened. (line 14).
2024/04/17 10:25:47 wazuh-analysisd: CRITICAL: (1220): Error loading the rules: 'ruleset/rules/barracuda_custom_rules.xml'.
2024/04/17 10:26:02 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:02 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:02 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:04 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:04 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:04 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:07 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 10:26:10 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:10 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:10 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:26:11 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 10:26:13 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:26:13 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:28:06 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:06 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:06 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:07 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:07 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:07 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:10 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 10:28:14 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:14 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:14 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:28:17 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 10:28:20 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:33:21 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:33:21 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:35:45 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:45 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:45 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:46 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:46 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:46 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:49 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 10:35:53 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:53 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:53 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:35:55 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 10:35:57 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:40:58 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:40:58 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:45:59 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:45:59 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:50:59 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:50:59 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 10:54:13 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:13 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:13 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:15 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:15 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:15 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:17 wazuh-integratord: ERROR: Unable to enable integration for: 'custom-email-alerts'. File not found inside 'integrations'.
2024/04/17 10:54:19 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:19 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:19 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 10:54:22 wazuh-logcollector: ERROR: (1103): Could not open file '/var/log/testing.log' due to [(2)-(No such file or directory)].
2024/04/17 10:54:24 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:59:25 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '000' OS. Skipping it.
2024/04/17 10:59:25 wazuh-modulesd:vulnerability-detector: WARNING: (5575): Unavailable vulnerability data for the agent '008' OS. Skipping it.
2024/04/17 11:00:56 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:56 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:56 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 11:00:57 wazuh-analysisd: WARNING: (7612): Rule ID '201009' is duplicated. Only the first occurrence will be considered.
2024/04/17 11:00:58 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:28 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:28 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:29 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:29 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:14:29 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:08 wazuh-analysisd: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:08 wazuh-analysisd: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:08 wazuh-analysisd: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
Op woensdag 17 april 2024 om 15:02:39 UTC+2 schreef Antonio Kim (Wazuh):
Antonio Kim (Wazuh)
Apr 17, 2024, 9:14:51 AMApr 17
to Wazuh | Mailing List
Do you know how long you have had these conflicts?
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61656' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61657' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
2024/04/17 14:31:09 wazuh-testrule: WARNING: (7613): Rule ID '61658' does not exist but 'overwrite' is set to 'yes'. Still, the rule will be loaded.
Have you been able to check that the disk space has indeed been expanded in the virtual machine?
Matthias Appelmans
Apr 17, 2024, 9:36:45 AMApr 17
to Wazuh | Mailing List
Yes, the gpart disk space worked, I can restart my manager again. Thank you!
However, I still don't see any new logs on the dashboard!
Op woensdag 17 april 2024 om 15:14:51 UTC+2 schreef Antonio Kim (Wazuh):
Matthias Appelmans
Apr 17, 2024, 9:41:44 AMApr 17
to Wazuh | Mailing List
Oh, the logs are coming in, he is fetching everything that wasn't indexed in the time it storage was full
Op woensdag 17 april 2024 om 15:36:45 UTC+2 schreef Matthias Appelmans:
Antonio Kim (Wazuh)
Apr 17, 2024, 10:37:12 AMApr 17
to Wazuh | Mailing List
Awesome Matthias!
Please let me know if you need further information.
Regards
Antonio
Please let me know if you need further information.
Regards
Antonio
Matthias Appelmans
Apr 17, 2024, 10:47:01 AMApr 17
to Wazuh | Mailing List
Everything worked out fine. Thank you very much
Op woensdag 17 april 2024 om 16:37:12 UTC+2 schreef Antonio Kim (Wazuh):
Reply all
Reply to author
Forward
0 new messages