Regarding wazuh-states-vulnerabilities index

[sau sau]

Hello Team, 
Greetings.

I wanted to know if it is possible to create custom index for wazuh-states-vulnerabilities index based on tenant like wazuh-states-vulnerabilities-tenant1-*. I know we can do that with wazuh-alerts but i didn't find any config related to changing wazuh-states-vulnerabilities-* index. 

Or can i not ditch wazuh-states-vulnerabilities entirely and have vulnerability detection logs in wazuh-alerts itself like in older versions?

I have wazuh version 4.10.0

[Facundo Dalmau]

Hi. Let me investigate this and get back to you as soon as possible.

[sau sau]

Thank you for your prompt response. I look forward to hearing from you soon

[Facundo Dalmau]

Hi. Unfortunately, this is a limitation of the Vulnerability Detection module refactor carried out for 4.8. It has already been reported here: https://github.com/wazuh/wazuh/issues/24118.

Sorry for the inconvenience.

[sau sau]

Hi. I understand this is currently a limitation right now. I was wondering if there is any planned timeline for addressing this limitation, or if there's a decision on whether it will be resolved in a future release?

This feature would be very helpful for our multi-tenant environment, so any insight into its potential inclusion in the roadmap would be greatly appreciated.

[Facundo Dalmau]

Yes. Multi-tenancy is planned to be addressed as part of the 6.0 release, mainly in https://github.com/wazuh/wazuh/issues/22887. Given that it will involve several new developments and improvements, the team is currently working on version 5.0, pausing the development of 6.0, to introduce certain changes and improvements to the 4.x codebase.

Sorry for the inconvenience.