Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release 4.6.0 - Revision 1 - Release Candidate RC1 - Footprint Metrics - VULNERABILITY-DETECTOR-REGISTER (2.5d) #19552

Closed
wazuhci opened this issue Oct 9, 2023 · 4 comments
Closed

Release 4.6.0 - Revision 1 - Release Candidate RC1 - Footprint Metrics - VULNERABILITY-DETECTOR-REGISTER (2.5d) #19552

wazuhci opened this issue Oct 9, 2023 · 4 comments
Assignees
@fcaffieri
Labels
level/subtask tracking type/release type/test

Comments

@wazuhci
Copy link

wazuhci commented Oct 9, 2023
edited by fcaffieri

Footprint metrics information
Main release candidate issue # #19471
Main footprint metrics issue # #19477
Version 4.6.0
Release candidate # RC1
Tag https://github.com/wazuh/wazuh/tree/4.6.0-rc1

Stress test documentation

Packages used

Manager
Centos agent
Ubuntu agent
Windows agent
macOS agent
  • Plots
  • Logs and configuration
  • CSV
Solaris agent
  • Plots
  • Logs and configuration
  • CSV

Conclusion 🟡

Logs

Graphs

No anomalies found, only the known issue #17927
@Rebits Rebits mentioned this issue Oct 10, 2023
Closed
3 tasks
@fcaffieri fcaffieri self-assigned this Oct 10, 2023
@Rebits Rebits assigned Rebits and unassigned Rebits Oct 11, 2023
@fcaffieri
Copy link
Member

fcaffieri commented Oct 11, 2023
edited

Analysis report: Logs errors

Wazuh manager
  • Expected errors in stress tests
2023/10/09 00:00:35 wazuh-modulesd:azure-logs: WARNING: Interval overtaken.

2023/10/09 00:02:14 wazuh-syscheckd: WARNING: Real-time inotify kernel queue is full. Some events may be lost. Next scheduled scan will recover lost data.

2023/10/07 04:09:20 wazuh-analysisd: WARNING: Security Configuration Assessment decoder queue is full.


2023/10/09 00:02:14 wazuh-syscheckd: WARNING: Real-time inotify kernel queue is full. Some events may be lost. Next scheduled scan will recover lost data.

2023/10/09 00:04:01 sca: WARNING: Interval overtaken.

2023/10/07 04:09:20 wazuh-analysisd: WARNING: Security Configuration Assessment decoder queue is full.

2023/10/07 10:10:28 wazuh-logcollector: WARNING: Target 'agent' message queue is full (1024). Log lines may be lost.



 2023/10/07 04:09:06 wazuh-modulesd:ciscat: WARNING: No evals defined. Exiting...
 

 2023/10/07 04:08:21 wazuh-modulesd:ciscat: ERROR: Failed reading scan results for policy '/var/ossec/wodles/cis-cat/benchmarks/CIS_Google_Chrome_Benchmark_v1.2.0-xccdf.xml'
 

 2023/10/07 04:08:47 wazuh-modulesd: WARNING: Process locked due to agent is offline. Waiting for connection...
 

 [2023-10-07_10:30:49] [ERROR] (create_delete): files\fimStress.128480 file cannot be deleted.
 

2023/10/09 02:16:43 wazuh-syscheckd: WARNING: (6922): Cannot open '/tmp/syscheck_test/directories/dir1468': No such file or directory

 [2023-10-07_20:36:49] [ERROR] (create_delete): directories\dir0 directory is not a directory.
Wazuh centos
  • Expected errors in stress tests
2023/10/09 00:00:35 wazuh-modulesd:azure-logs: WARNING: Interval overtaken.

2023/10/09 00:02:14 wazuh-syscheckd: WARNING: Real-time inotify kernel queue is full. Some events may be lost. Next scheduled scan will recover lost data.

2023/10/09 00:04:01 sca: WARNING: Interval overtaken.

2023/10/07 04:09:20 wazuh-analysisd: WARNING: Security Configuration Assessment decoder queue is full.

2023/10/07 10:10:28 wazuh-logcollector: WARNING: Target 'agent' message queue is full (1024). Log lines may be lost.

2023/10/07 10:10:28 wazuh-analysisd: WARNING: Input queue is full.



 2023/10/07 04:10:12 wazuh-agentd: ERROR: (1137): Lost connection with manager. Setting lock.
 

2023/10/07 04:20:10 wazuh-syscheckd: WARNING: (6922): Cannot open '/tmp/syscheck_test/directories/dir1468': No such file or directory

 2023/10/07 11:11:50 wazuh-modulesd:ciscat: ERROR: Unable to open 'tmp/ciscat-report.xml': No such file or directory
Wazuh ubuntu
  • Expected errors in stress tests
2023/10/09 00:00:35 wazuh-modulesd:azure-logs: WARNING: Interval overtaken.

2023/10/09 00:02:14 wazuh-syscheckd: WARNING: Real-time inotify kernel queue is full. Some events may be lost. Next scheduled scan will recover lost data.

2023/10/09 00:04:01 sca: WARNING: Interval overtaken.

2023/10/07 04:09:20 wazuh-analysisd: WARNING: Security Configuration Assessment decoder queue is full.

2023/10/07 10:10:28 wazuh-logcollector: WARNING: Target 'agent' message queue is full (1024). Log lines may be lost.

2023/10/07 10:10:28 wazuh-analysisd: WARNING: Input queue is full.

 

 2023/10/07 04:08:47 wazuh-modulesd: WARNING: Process locked due to agent is offline. Waiting for connection...
 

2023/10/07 11:11:50 wazuh-syscheckd: WARNING: (6922): Cannot open '/tmp/syscheck_test/directories/dir1468': No such file or directory

 2023/10/07 11:11:50 wazuh-modulesd:ciscat: ERROR: Unable to open 'tmp/ciscat-report.xml': No such file or directory
Wazuh windows
  • Expected errors in stress tests
2023/10/09 00:00:35 wazuh-modulesd:azure-logs: WARNING: Interval overtaken.

2023/10/09 00:02:14 wazuh-syscheckd: WARNING: Real-time inotify kernel queue is full. Some events may be lost. Next scheduled scan will recover lost data.

2023/10/09 00:04:01 sca: WARNING: Interval overtaken.


2023/10/07 04:09:20 wazuh-analysisd: WARNING: Security Configuration Assessment decoder queue is full.

2023/10/07 10:10:28 wazuh-logcollector: WARNING: Target 'agent' message queue is full (1024). Log lines may be lost.



 2023/10/07 11:11:50 wazuh-modulesd:ciscat: ERROR: Unable to open 'tmp/ciscat-report.xml': No such file or directory
 

2023/10/09 02:16:43 wazuh-syscheckd: WARNING: (6922): Cannot open '/tmp/syscheck_test/directories/dir1468': No such file or directory

 2023/10/07 04:08:21 wazuh-modulesd:ciscat: ERROR: Failed reading scan results for policy '/var/ossec/wodles/cis-cat/benchmarks/CIS_Google_Chrome_Benchmark_v1.2.0-xccdf.xml'
 

 [2023-10-07_20:36:49] [ERROR] (create_delete): directories\dir0 directory is not a directory.

@fcaffieri
Copy link
Member

Graphs

Compared to #19365 because no issue was found for 4.5.3 RC3

No anomalies found, known issue #17927 continues to appear. Disk continues on the same margins

@mauromalara
Copy link
Contributor

Good job! Only a few changes are required:

  • Changes required in the "Logs" section:
    • Add a title to the section as in the "Graphs" one.
    • Manager:
      • The logs highlighted in the following image are in this known issue, they're not expected from the stress test.
        Screenshot 2023-10-12 at 08 49 56
    • CentOS agent:
    • Ubuntu agent:
      • Idem manager note.
      • Idem CentOS agent note.
    • Windows agent:
      • Idem manager note.
      • Idem CentOS agent note.

@damarisg
Copy link
Member

LGTM!

@pro-akim pro-akim mentioned this issue Oct 27, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fcaffieri fcaffieri

Labels
level/subtask tracking type/release type/test
Projects
No open projects
Release 4.6.0
Status: Done
Milestone
No milestone
Development

No branches or pull requests
5 participants
@damarisg @Rebits @wazuhci @mauromalara @fcaffieri