vulnerability-scanner feed ossec.log


German DiCasas

Jan 17, 2025, 2:14:42 PM
to Wazuh | Mailing List
Hi team,

I have a log here from Wazuh 4.8.2-1, all-in-one, with agents on the same version.

cat /var/ossec/logs/ossec.log | grep -i "vulnerability-scanner"

2025/01/17 13:44:21 wazuh-modulesd:vulnerability-scanner: INFO: Starting vulnerability_scanner module.
2025/01/17 13:44:22 wazuh-modulesd:vulnerability-scanner: INFO: Vulnerability scanner module started
2025/01/17 13:55:36 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 15:19:52 wazuh-modulesd:vulnerability-scanner: INFO: Triggered a re-scan after content update
2025/01/17 15:19:52 wazuh-modulesd:vulnerability-scanner: INFO: Feed update process completed
2025/01/17 15:19:52 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 15:19:54 wazuh-modulesd:vulnerability-scanner: ERROR: Error updating feed: [json.exception.out_of_range.401] array index 7 is out of range, trying to re-download the feed.
2025/01/17 15:23:35 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 15:56:39 wazuh-modulesd:vulnerability-scanner: INFO: Triggered a re-scan after content update
2025/01/17 15:56:39 wazuh-modulesd:vulnerability-scanner: INFO: Feed update process completed
2025/01/17 15:56:39 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 15:58:57 wazuh-modulesd:vulnerability-scanner: ERROR: Error updating feed: [json.exception.parse_error.101] parse error at line 1, column 16578585: syntax error while parsing object - unexpected end of input; expected '}', trying to re-download the feed.
2025/01/17 16:00:42 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 16:02:33 wazuh-modulesd:vulnerability-scanner: ERROR: Error updating feed: [json.exception.out_of_range.403] key 'metrics' not found, trying to re-download the feed.
What can be the issue?

Regards

German
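
One way to summarise the feed-update attempts in log lines like the ones above, as an added example that is not part of the original post or of Wazuh itself: it pairs each "Initiating update feed process" line with the completion or error that follows and records the duration and the JSON exception id. The function names and the tuple layout are assumptions made for this example.

```python
import re
from datetime import datetime

# Added example; helper names are illustrative. Log lines copied from the post above.
SAMPLE_LOG = """\
2025/01/17 13:55:36 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 15:19:52 wazuh-modulesd:vulnerability-scanner: INFO: Feed update process completed
2025/01/17 15:19:52 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 15:19:54 wazuh-modulesd:vulnerability-scanner: ERROR: Error updating feed: [json.exception.out_of_range.401] array index 7 is out of range, trying to re-download the feed.
2025/01/17 15:23:35 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 15:56:39 wazuh-modulesd:vulnerability-scanner: INFO: Feed update process completed
2025/01/17 15:56:39 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 15:58:57 wazuh-modulesd:vulnerability-scanner: ERROR: Error updating feed: [json.exception.parse_error.101] parse error at line 1, column 16578585: syntax error while parsing object - unexpected end of input; expected '}', trying to re-download the feed.
2025/01/17 16:00:42 wazuh-modulesd:vulnerability-scanner: INFO: Initiating update feed process
2025/01/17 16:02:33 wazuh-modulesd:vulnerability-scanner: ERROR: Error updating feed: [json.exception.out_of_range.403] key 'metrics' not found, trying to re-download the feed.
"""

LINE_RE = re.compile(r"^(\d{4}/\d\d/\d\d [\d:]{8}) wazuh-modulesd:vulnerability-scanner: (\w+): (.*)$")
ERR_RE = re.compile(r"Error updating feed: \[([\w.]+)\]")

def feed_update_attempts(log_text):
    """Return (start, seconds, outcome, error_id) for every feed update attempt."""
    attempts, start = [], None
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # other modules, blank or truncated lines
        ts = datetime.strptime(m.group(1), "%Y/%m/%d %H:%M:%S")
        level, msg = m.group(2), m.group(3)
        if msg.startswith("Initiating update feed process"):
            if start is not None:  # previous attempt never logged an outcome
                attempts.append((start, None, "no-outcome", None))
            start = ts
            continue
        err = ERR_RE.search(msg) if level == "ERROR" else None
        done = msg.startswith("Feed update process completed")
        if start is not None and (done or err):
            secs = int((ts - start).total_seconds())
            attempts.append((start, secs, "completed" if done else "failed",
                             err.group(1) if err else None))
            start = None
    if start is not None:  # log ends while an update is still running
        attempts.append((start, None, "in-progress", None))
    return attempts

def trailing_failures(attempts):
    """Consecutive failed attempts at the end of the log (no recovery yet)."""
    n = 0
    while n < len(attempts) and attempts[-1 - n][2] == "failed":
        n += 1
    return n
```

On a manager, pass it the contents of /var/ossec/logs/ossec.log. On the excerpt above it reports two completed updates and three failures, the last two of them consecutive.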

Dario Menten

Jan 17, 2025, 3:16:04 PM
to Wazuh | Mailing List
Hello German,

It seems there are some issues with the feeds, please try this:
  1. Stop the manager
  2. Disable vulnerability detector
  3. Remove the inventory (`rm -rf /var/ossec/queue/vd/inventory/`)
  4. Start manager
  5. Enable vulnerability detector
  6. Restart the manager (the agent should be rescanned and the index should be recreated)
I hope this could be helpful.

German DiCasas

Jan 22, 2025, 11:31:32 AM
to Wazuh | Mailing List
That fixed the issue.

What does that path, /var/ossec/queue/vd/inventory/, do, or what is it used for?

Thanks a lot.

German
