-
Notifications
You must be signed in to change notification settings - Fork 397
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
failed to volumes the ossec.conf #493
Comments
Hello @yehaotong What version of wazuh-docker are you using? If you can, please describe the process you are doing until you reach that error. In 4.0 and 4.1 the In the case of lower versions such as 3.13.3, this is not the case, the docker compose file does not specify any volume, but if it is done in Wazuh's own Dockerfile, in this case, the folder is not You can see the volumes with the command |
I use the version is the latest:4.1.5,and my docker file is : |
Hello @yehaotong Sorry, I still don't know the purpose you want to achieve with this, do you want to have the ossec.conf file mounted on a volume permanently? Do you want to mount it to update the ossec.conf configuration with one that you have made? What is the reason to use that Dockerfile? Could you share the Dockerfile you are using? I am trying to reproduce your problem but i can't. Regarding 2-manager, this script is used for file migration as its header says:
This process is done when upgrading the wazuh version to avoid data loss from From what I see from the
Another way is to directly copy the file with "
Once you have the "
If this is not useful or is not what you need, please, I would need to know what steps you have followed to find that error and if you explain to me what you want to do, maybe I can give you a step-by-step solution if possible. Here is a link to the wazuh documentation on how to use wazuh-docker https://documentation.wazuh.com/current/docker/index.html |
通用领域 FROM wazuh/wazuh-odfe:4.1.5 COPY config/ossec.conf /var/ossec/etc/ossec.conf This is the initial practice. I wanted to go in directly from the external CP, but it failed, so I changed to directly run your wazuh ofDe and add the mount parameter - V ossec.conf, but it still failed. The error log is the same as that of my CP. both 2-manager scripts failed |
Hello @yehaotong Can you provide me with the specific error that appears in the terminal please? I have done a test with your Dockerfile, without using anything else from the wazuh-docker repository since it seems that you are not using anything from the repository, here it was my error, sorry, generally this repository is intended to be used in conjunction with other images as seen in Keep in mind that the To use an external configuration, either by copying it or using volumes, the path where you have to put the file is: Here you can see how using a Dockerfile with the content
I have been able, after doing a build and a run, to enter the container and verify that the file has been copied correctly without error. Note that using volumes, the file is mounted in the /wazuh-config-mount/etc/ folder and any changes will be reflected in that folder and not in /var/ossec/etc/ossec.conf, since this is copied to this location when doing If instead of using COPY you use volumes, as you can see, also the specified file is passed to the container Either way, here you can see how the error no longer appears by using the /wazuh-config-mount/etc/ path |
thanks for you advice,I will try to copy/volume the path on /wazuh-config-mount/etc/ and test it ,thanks you aging. |
You're welcome, if you have any questions or problems, don't hesitate to ask! |
I procced to close this issue. Don't hesitate to open it again if necessary. Regards, |
when I use the wazuh-manager and try to volumes the ossec.conf,it always failed(filed in init the etc/cont-init.d/2-manager),what is the problem ? I volumes the path is:/var/ossec/etc/ossec.conf,is that make me failed? ossec.conf do not need to put in /var/ossec/etc?
The text was updated successfully, but these errors were encountered: