Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Debian agent includes Windows agent syscheck events #6655

Closed
Rebits opened this issue May 8, 2024 · 1 comment
Closed

Debian agent includes Windows agent syscheck events #6655

Rebits opened this issue May 8, 2024 · 1 comment
Assignees
@asteriscos
Labels
level/task Task issue type/bug Bug issue

Comments

@Rebits
Copy link
Member

Rebits commented May 8, 2024

Wazuh Rev Browser
4.8.0 RC1 Any

Description
Difficult to replicate error appear in the Debian endpoint menu. In the FIM recent events menu some Windows agent events appeared

Preconditions

  1. Full environment with a Debian and a Windows agent

Steps to reproduce
No steps to reproduce can be provided because this issue was impossible to reproduce

Expected Result

  1. No Windows agent events should be included in Debian agent

Actual Result

  1. Windows agent events are included in some menus of the Debian agent

Note

Additional information will be furnished once the issue has been successfully replicated

Screenshots

debian_bad_dashboard
@Rebits Rebits mentioned this issue May 8, 2024
Closed
@juliamagan juliamagan mentioned this issue May 9, 2024
Closed
@asteriscos asteriscos added type/bug Bug issue level/task Task issue labels May 9, 2024
@asteriscos asteriscos self-assigned this May 9, 2024
@asteriscos
Copy link
Member

We were able to successfully replicate the issue in Wazuh 4.7.4 with a Windows agent showing Linux paths.
This was due to the Sample Data generated alerts with Linux data, but matching the ID of a real Windows agent. We strongly believe this is also the case. We won't be adding this validation to the script that generates sample data, therefore I will close this as not planned.

image

@asteriscos asteriscos closed this as not planned Won't fix, can't repro, duplicate, stale May 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@asteriscos asteriscos

Labels
level/task Task issue type/bug Bug issue
Projects
Release 4.8.0
Status: Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@asteriscos @Rebits