Vulnerability Detection dashboard problems
322 views
Skip to first unread message
Emre Erdem
Jan 15, 2025, 1:04:19 PM1/15/25
to Wazuh | Mailing List
Hello Everyone ,
On Monday I upgraded from version 4.9.1 to version 4.10 and it was working without any problems. Today I reset it according to the instructions in the vulnerability detection document and there are no security vulnerabilities in the events but no data is displayed on the dashboard. Can you help me with this?
The document I applied exactly the same; wazuh-documents
Best regards
On Monday I upgraded from version 4.9.1 to version 4.10 and it was working without any problems. Today I reset it according to the instructions in the vulnerability detection document and there are no security vulnerabilities in the events but no data is displayed on the dashboard. Can you help me with this?
The document I applied exactly the same; wazuh-documents
Best regards
Andrehens Chicfici
Jan 16, 2025, 2:50:12 AM1/16/25
to Wazuh | Mailing List
Hey,
I have the same problem. After Upgrade from 4.9.1 to 4.10 there are no data points anymore. Just the 'Events' tab shows some data as you can see on my screenshots:
cheers
chic
Jan Benetka
Jan 16, 2025, 4:26:57 AM1/16/25
to Wazuh | Mailing List
Hey All,
I am getting same issue for me:
cluster health: "status":"green","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"discovered_master":true,"discovered_cluster_manager":true,"active_primary_shards":198,"active_shards":198,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":0,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":100.0}
cat /var/ossec/logs/ossec.log | grep vuln
2025/01/16 10:16:21 wazuh-modulesd:vulnerability-scanner: INFO: Stopping vulnerability_scanner module.
2025/01/16 10:19:56 wazuh-modulesd:vulnerability-scanner: INFO: Starting vulnerability_scanner module.
2025/01/16 10:19:56 indexer-connector: WARNING: IndexerConnector initialization failed for index 'wazuh-states-vulnerabilities-clustername', retrying until the connection is successful.
2025/01/16 10:19:57 wazuh-modulesd:vulnerability-scanner: INFO: Vulnerability scanner module started
2025/01/16 10:16:21 wazuh-modulesd:vulnerability-scanner: INFO: Stopping vulnerability_scanner module.
2025/01/16 10:19:56 wazuh-modulesd:vulnerability-scanner: INFO: Starting vulnerability_scanner module.
2025/01/16 10:19:56 indexer-connector: WARNING: IndexerConnector initialization failed for index 'wazuh-states-vulnerabilities-clustername', retrying until the connection is successful.
2025/01/16 10:19:57 wazuh-modulesd:vulnerability-scanner: INFO: Vulnerability scanner module started
I did the same as Emre Erdem mentioned.
vulnerability index did not recreate automatically after deleting it. Is there any way how to recreate it?
vulnerability index did not recreate automatically after deleting it. Is there any way how to recreate it?
Regards,
Jan
Rolly Davany Mougoue Kakanou
Jan 17, 2025, 9:49:24 AM1/17/25
to Wazuh | Mailing List
Hello Emre,
This will recreate the vulnerability index automatically. It may take some time to update the vulnerability index.
Let me know if this solves the issue.
Please share the out put of the following command:
cat /var/ossec/logs/ossec.log | grep -Ei "vulnerability|indexer"
If you you do not see any error from the above command, go to Index Management > indices>
Select the wazuh-states-vulnerabilities index
Click on Action
And delete the index
Next, restart the indexer service and Wazuh manager service
systemctl restart wazuh-indexer
systemctl restart wazuh-manager
This will recreate the vulnerability index automatically. It may take some time to update the vulnerability index.
Let me know if this solves the issue.
Best regards,
Rolly Mougoue
Sasi Kumar
Aug 28, 2025, 8:25:31 AM8/28/25
to Wazuh | Mailing List
Hi Emre,
Thank you , May i know deleting the vulnerability indexer then restarting it will affect the existing vulnerability-detector data log?
Kindly clarify this.
Regards,
Sasi
Thank you , May i know deleting the vulnerability indexer then restarting it will affect the existing vulnerability-detector data log?
Kindly clarify this.
Regards,
Sasi
Sasi Kumar
Sep 1, 2025, 1:50:39 AM9/1/25
to Wazuh | Mailing List
Hello Rolly Mougoue,
Any updates on this!
Regards,
sasi
Regards,
sasi
Reply all
Reply to author
Forward
0 new messages