Force vulnerability scan
227 views
Skip to first unread message
Julian Jorge
Jun 13, 2024, 4:53:00 AM6/13/24
to Wazuh | Mailing List
Hello!
After upgrading Wazuh to 4.8 version we have a question... Is there any way to force a vulnerability scan for an agent?
Julian Jorge
Jun 13, 2024, 5:01:07 AM6/13/24
to Wazuh | Mailing List
I have an other question..
We just realized that the information for "last vulnerability scan" has disappeared. Where can we find it now?
Isaiah Daboh
Jun 13, 2024, 8:05:13 AM6/13/24
to Wazuh | Mailing List
Hello,
I am taking a look at this and will revert shortly.
Regards,
Isaiah Daboh
Jun 13, 2024, 10:30:41 AM6/13/24
to Wazuh | Mailing List
Hello,
The information for the vulnerability scans for individual endpoints can be found under "Vulnerability Detection" module in 4.8.0.
You can refer to the 4.8.0 blog for more changes to the vulnerability detector.
Regards,
Isaiah Daboh
Jun 13, 2024, 10:59:28 AM6/13/24
to Wazuh | Mailing List
Hello,
In addition, kindly note that at the moment, there is no way to run on-demand scans from the dashboard.
A work around is to restart the manager (Wazuh-server) and the agent service (endpoint). You have to ensure that you have vulnerability detection enabled in /var/ossec/etc/ossec.conf.
<vulnerability-detection>
<enabled>yes</enabled>
<index-status>yes</index-status>
<feed-update-interval>60m</feed-update-interval>
</vulnerability-detection>
<enabled>yes</enabled>
<index-status>yes</index-status>
<feed-update-interval>60m</feed-update-interval>
</vulnerability-detection>
For more information on configuring the vulnerability detector in 4.8.0 - https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/configuring-scans.html
Regards,
Julian Jorge
Jun 14, 2024, 6:21:41 AM6/14/24
to Wazuh | Mailing List
Hello,
Thanks you.
Reply all
Reply to author
Forward
0 new messages