Victor M. Fernandez-Castro
Victor M. Fernandez-Castro
## Surrounding the cause of the problem ### Wazuh Agent startup The agent performs the following steps on startup: 1. Sets up each monitored directory's auditing permissions. 2. Enables the...
@sempervictus this proposal is exciting, although I don't know _musl_ in depth, to be honest. Your comment that you proposed the OSSEC guys move to Rust aroused my curiosity. Is...
Hi @rizarizkan, Unfortunately, Syscheck uses two OS specific real-time engines: - inotify library for Linux. - Win32 API (function `ReadDirectoryChangesW()`) for Windows. The BSD family does not support real-time yet....
@fzipi That is great news! We would love to know how you made that. Does FreeBSD include the inotify wrapper or did you add a dependency? Did you introduce any...
@fzipi Thanks for the info, that seems a pretty simple change in the code. I'm curious about how you get the inotify library for FreeBSD. Is that preinstalled or did...
Gotcha. We developed a common library to switch between epoll and kqueue depending on the platform, but that works for file descriptors only ([notify_op.h](https://github.com/wazuh/wazuh/blob/master/src/headers/notify_op.h)). I think we can include this...
Hi all, Reopening this issue as #3971 fixes a bug related to Agentless, but the problem reported here is a different bug. Best regards.
Hi @hanschl, I'm sorry this issue has been on hold for a long time. We will prioritize this and provide an ETA and a target version for the fix as...
This issue comes from OSSEC 1.0 (https://github.com/wazuh/wazuh/commit/9deff12ff574ee14995d4fa3240c183b80d55ba6). It's just preventing the colon from being sent to the manager. Cheers.
I confirm that PR #14706 has fixed this issue. ### Configuration ```xml full_command netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ > netstat: listening ports 360 ``` Note that `` (which...