vulnerability module over one agent dont work

[German DiCasas]

Hi team,

I have wazuh 4.14.1 all in one. All agents works ok but only one is not showing nothing over the vulnerability module. I mean no dashboard, no inventory and no events.

I deleted the agent and installed again, the same. Let me know 

this log over ossec.log can be the problem?
2026/03/19 14:59:57 wazuh-remoted: WARNING: Agent key already in use: agent ID '018'

Regards,

German

[Javier Adán Méndez Méndez]

Hi German, sorry for the late reply.

That log error is definitely the smoking gun. It means the manager still has a stale registration for ID 018, preventing the "new" agent from communicating correctly. Since the vulnerability module relies on a clean, active connection to report data, this conflict is likely the cause.

Try these steps to clear it up:

1. Remove the agent on the Manager side: Don't just reinstall the agent software. You need to delete the entry from the manager's database:

   • Run /var/ossec/bin/manage_agents and use the (R)emove option for ID 018.

   • Alternatively, use: /var/ossec/bin/agent_control -r -i 018

2. Restart the Wazuh Manager: This ensures the keys are cleared from memory.

3. Re-register the Agent: After the manager is back up, register the agent as if it were brand new.

4. Check Vulnerability Settings: Ensure the <vulnerability-detector> is enabled in your ossec.conf on the manager and that the agent's OS is supported.