Virustotal integration errors in ossec.log
14 views
Skip to first unread message
Gokul Suresh
Jan 30, 2026, 1:44:34 AM (3 days ago) Jan 30
to Wazuh | Mailing List
Hi team,
2026/01/30 05:21:15 wazuh-integratord: ERROR: Unable to run integration for virustotal -> integrations
2026/01/30 05:21:15 wazuh-integratord: ERROR: While running virustotal -> integrations. Output: Exception
2026/01/30 05:21:15 wazuh-integratord: ERROR: Exit status was: 1
2026/01/30 05:21:20 wazuh-integratord: ERROR: Unable to run integration for virustotal -> integrations
2026/01/30 05:21:20 wazuh-integratord: ERROR: While running virustotal -> integrations. Output: Exception
2026/01/30 05:21:20 wazuh-integratord: ERROR: Exit status was: 4
I am seeing this error in ossec what could be the reason for this ?
Please suggest remedies to solve these errors.
I am using wazuh 4.14.1.
2026/01/30 05:21:15 wazuh-integratord: ERROR: Unable to run integration for virustotal -> integrations
2026/01/30 05:21:15 wazuh-integratord: ERROR: While running virustotal -> integrations. Output: Exception
2026/01/30 05:21:15 wazuh-integratord: ERROR: Exit status was: 1
2026/01/30 05:21:20 wazuh-integratord: ERROR: Unable to run integration for virustotal -> integrations
2026/01/30 05:21:20 wazuh-integratord: ERROR: While running virustotal -> integrations. Output: Exception
2026/01/30 05:21:20 wazuh-integratord: ERROR: Exit status was: 4
I am seeing this error in ossec what could be the reason for this ?
Please suggest remedies to solve these errors.
I am using wazuh 4.14.1.
Himanshu Sharma
Jan 30, 2026, 2:10:38 AM (3 days ago) Jan 30
to Wazuh | Mailing List
Hi Team,
Thanks for the logs. The following log entries indicate that the VirusTotal integration was triggered successfully, but failed during execution.
There can be multiple reasons for this behavior, including API-related issues, connectivity problems, rate limiting, or execution errors within the integration script. To gather more detailed diagnostic information, please enable additional debug logging by adding wazuh_modules.debug=2 to the following line to the file:/var/ossec/etc/local_internal_options.conf
Thanks for the logs. The following log entries indicate that the VirusTotal integration was triggered successfully, but failed during execution.
There can be multiple reasons for this behavior, including API-related issues, connectivity problems, rate limiting, or execution errors within the integration script. To gather more detailed diagnostic information, please enable additional debug logging by adding wazuh_modules.debug=2 to the following line to the file:/var/ossec/etc/local_internal_options.conf
After adding this setting, restart the Wazuh Manager and simulate the event again to reproduce the issue. Once completed, please share the newly generated debug logs so we can further analyze and identify the root cause.
Also, can you please share the below logs and <integration> configuration to investigate and validate the API key that you are using?
/var/ossec/logs/integrations.log
Himanshu Sharma
6:05 AM (7 hours ago) 6:05 AM
to Wazuh | Mailing List
Hi Team,
I just wanted to follow up on this issue.
If you have any further questions or require additional assistance, please don't hesitate to contact us.
If you have any further questions or require additional assistance, please don't hesitate to contact us.
Reply all
Reply to author
Forward
0 new messages