No results is displayed in Vulnerability detection Module
1,646 views
Skip to first unread message
Alaa Junaid
Oct 6, 2021, 7:29:03 AM10/6/21
to Wazuh mailing list
Hi everyone,
I've just enabled Vulnerability detection in wazuh configuration. Update and scanning processes have been done successfully for Windows 10 agent as illustrated within the attachment "ossec.log".
Unfortunately, no results was shown in Wazuh Vulnerability module web interface as illustrated within the below screenshot:
I need your kind support for this issue.
Many thanks in advance.
Best Regards,
Alaa
Maximiliano Ibarra
Oct 6, 2021, 3:18:55 PM10/6/21
to Wazuh mailing list
Hi.
Thanks for contact us. Seeing that you have enabled a vulnerability detector in your agent, we need to check if you have it enabled in your manager too.
First, I leave you an official doc that explains how to set the vulnerability detector in your environment.
Thanks for contact us. Seeing that you have enabled a vulnerability detector in your agent, we need to check if you have it enabled in your manager too.
First, I leave you an official doc that explains how to set the vulnerability detector in your environment.
After that, you can check your manager logs with the following commands. (Please, add the response in this thread)
In the previous doc explains what is the output that you will find in your logs if the vulnerability detector was successfully enabled.
Please, tell me how it was.
I looking forward for your reply.
Best regards
- grep syscollector: /var/ossec/logs/ossec.log
- grep vulnerability-detector: /var/ossec/logs/ossec.log
In the previous doc explains what is the output that you will find in your logs if the vulnerability detector was successfully enabled.
Please, tell me how it was.
I looking forward for your reply.
Best regards
Message has been deleted
Alaa Junaid
Oct 7, 2021, 6:24:19 AM10/7/21
to Wazuh mailing list
Dear maximiliano,
Thanks for your prompt response.
I've already enabled a vulnerability detector in manager as illustrated within the attachment ossec.conf regarding this feature.
Accordingly, everything is ok as illustrated within the two ossec.log attachments.
In addition to that, All vulnerabilities are listed within Inventory in Vulnerabilities module as within the below snapshot:
So, the only thing I need is to be able to display these results in Dashboard & Event not only in Inventory tab.
Best Regards,
Alaa
Alaa Junaid
Oct 10, 2021, 7:25:24 AM10/10/21
to Wazuh mailing list
Dear,
Kindly be advised that all agents' vulnerabilities for Win10, Win2012 R2 and SUSE 11 are listed successfully as the below snapshots, but unfortunately the Vulnerabilities Dashboards & Events tabs are empty :(
Windows 10
Windows 2012R2 Server
SUSE11
Waiting your kind feedback ASAP.
Best Regards,
Alaa
Reply all
Reply to author
Forward
0 new messages