Comments (9)
mgmacias95
commented on June 1, 2024
Hi @rossengeorgiev,
This is a known issue commented in wazuh/wazuh#176.
The reason why this is happening is because the API call to add agents without using authd is not prepared for massive calls. We're working on this issue but I recommend you to use authd while we fix it.
When authd is activated, the API uses it. The steps to enable authd are explained in the Wazuh docs.
Best regards,
Marta
from wazuh-api.
rossengeorgiev
commented on June 1, 2024
Hi, authd is not ideal for managing keys, especially when looking into creating automated and dynamic deployments. A working API that has a granular access control would be extremely useful. This issue should really be high priority bug and blocking for v3,0. Current documentation should also be updated to mention that there is race condition.
from wazuh-api.
jesuslinares
commented on June 1, 2024
Hi @rossengeorgiev ,
we will fix the race condition in the API, but for now, we recommend to use authd.
If you enable authd, each request to the API related to register/remove agent will be "forwarded" to authd. Does it work for you?.
especially when looking into creating automated and dynamic deployments
What is your use case?.
Thanks.
from wazuh-api.
rossengeorgiev
commented on June 1, 2024
Hi @jesuslinares, thanks for clarifying. I didn't realize wazuh-api could make use of authd. I will look into giving that a try. My use case is large redundant deployment using saltstack. It will be monitoring a large number of hosts. My goal is to automate as many of the tasks as possible.
from wazuh-api.
rossengeorgiev
commented on June 1, 2024
Enabling authd seems to work.
from wazuh-api.
rossengeorgiev
commented on June 1, 2024
@jesuslinares any chance there could be conf switch to force the use of authd only? I fear that if authd dies for whatever reason it might turn into a mess.
from wazuh-api.
jesuslinares
commented on June 1, 2024
You are totally right. We are going to include that option in the next version.
For now, you can change the code.
- Go to /var/ossec/api/framework
- Remove the if-else section and use only "authd" functions.
Thanks so much.
from wazuh-api.
mgmacias95
commented on June 1, 2024
Hello @rossengeorgiev,
As you suggested, a new parameter has been added in API configuration to force the use of authd (see #43 and wazuh/wazuh#305). This will be added in Wazuh 3.1.
We're not closing this issue since the original bug is not yet fixed.
Best regards,
Marta
from wazuh-api.
mgmacias95
commented on June 1, 2024
Hello again,
This bug has been fixed in wazuh/wazuh#306.
Best regards,
Marta
from wazuh-api.
Related Issues (20)
- foo: timestamp out of range for platform time_t HOT 2
- Error with PowerShell Script for register agent.
- Wazuh could not be recovered. HOT 3
- Possible race condition with API log rotation and API calls
- Increase filesize limit HOT 1
- Add support for querying vulnerability data for agent HOT 3
- How can i get alerts from API or other method if it possible HOT 7
- /experimental/syscollector endpoint error having disconnected nodes
- API alert information HOT 2
- API mocha test results for version 3.13.2 HOT 1
- wazuh-api crash when FIPS enabled on Redhat/CentOS 7 HOT 3
- configure_api.sh does not change Kibana plugin .yml file HOT 2
- When trying to restart Agents in a Group without Agents assigned to it shows "Bad request" message. HOT 1
- issue with API? HOT 3
- Wazuh API Call - Active-Response 404 Error - Wazuh Api 4.1.5 HOT 1
- Not working endpoint wazuh-api /sca/{agent:id}/checks/{sca: id} HOT 2
- wazuh(code=exited,status=1/FAILURE)
- wazuh-manager:4.3.10 keeps restarting
- Wazuh API breaks every now and then and i cant figure out why
- How can I get Security Events Alerts through API for all agents of specific group
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wazuh-api.