- Improved configuration of OVAL updates. (#416)
- Added selective agent software request in vulnerability-detector. (#404)
- Get Linux packages inventory natively. (#441)
- Get Windows packages inventory natively. (#471)
- Supporting AES encryption for manager and agent. (#448)
- Added Debian and Ubuntu 18 support in vulnerability-detector. (#470)
- Added Rids Synchronization. (#459)
- Added option for setting the group that the agent belongs to when registering it with authd. (#460)
- Added option for setting the source IP when the agent registers with authd. (#460)
- Added option to force the vulnerability detection in unsupported OS. (#462)
- Get network inventory natively. (#546)
- Add arch check for Red Hat's OVAL in vulnerability-detector. (#625)
- Integration with Osquery. (#627)
- Enrich osquery configuration with pack files aggregation and agent labels as decorators.
- Launch osquery daemon in background.
- Monitor results file and send them to the manager.
- New option in rules `<location>` to filter events by osquery.
- Support folders in shared configuration. This makes it easy to send pack folders to agents.
- Basic ruleset for osquery events and daemon logs.
- Boost Remoted performance with multithreading. (#649)
- Up to 16 parallel threads to decrypt messages from agents.
- Limit the frequency of agent keys reloading.
- Message input buffer in Analysisd to prevent control messages starvation in Remoted.
- Module to download shared files for agent groups dynamically. (#519)
- Added group creation for files.yml if the group does not exist. (#1010)
- Added scheduling options to CIS-CAT integration. (#586)
- Option to download the wpk using http in
184.108.40.206 as manager IP when creating
- New requests for Syscollector. (#728)
- `cluster_control` shows an error if the status does not exist. (#1002)
- Get Windows hardware inventory natively. (#831)
- Get processes and ports inventory by the Syscollector module.
- Added an integration with Kaspersky Endpoint Security for Linux via Active Response. (#1056)
- Add default value for option -x in agent_control tool.
- External libraries moved to an external repository.
- Ignore OverlayFS directories on Rootcheck system scan.
- Extracts agent's OS from the database instead of the agent-info.
- Increases the maximum size of XML parser to 20KB.
- Extract CVE instead of RHSA codes into vulnerability-detector. (#549)
- Store CIS-CAT results into Wazuh DB. (#568)
- Add profile information to CIS-CAT reports. (#658)
- Merge external libraries into a unique shared library. (#620)
- Cluster log rotation: set correct permissions and store rotations in /logs/ossec. (#667)
Distinct requests don't allow
- Deprecated arguments -i, -F and -r for Authd. (#1013)
- Increase the internal memory for real-time from 12 KiB to 64 KiB. (#1062)
- Fixed invalid alerts reported by Syscollector when the event contains the word "error". (#461)
- Silenced Vuls integration starting and ending alerts. (#541)
- Fix problem comparing releases of Ubuntu packages. (#556)
- Windows: delete pending active responses before resetting the agent. (#563)
- Fix bug in Rootcheck for Windows that searches for keys in 32-bit mode only. (#566)
- Alert when unmerge files fails on agent. (#731)
- Fixed bugs reading logs in framework. (#856)
- Ignore case when sorting an array in framework. (#814)
- Cluster: reject connection if the client node has a different cluster name. (#892)
the JSON object must be str, not 'bytes' error. (#997)
- Fix long sleep times in vulnerability detector.
- Fix inconsistency in the alerts format for the manager in vulnerability-detector.
- Fix bug when processing the packages in vulnerability-detector.
- Prevent the JSON decoder from processing Syscollector events. (#674)
- Stop Syscollector data storage into Wazuh DB when an error appears. (#674)
- Fix bug in Syscheck that reported false positive about removed files. (#1044)
- Fix bug in Syscheck that misinterpreted no_diff option. (#1046)
- Fixes in file integrity monitoring for Windows. (#1062)
- Fix Windows agent crash if FIM fails to extract the file owner.
- Prevent FIM real-time mode on Windows from stopping if the internal buffer gets overflowed.
- Prevent large logs from flooding the log file by Logcollector. (#1067)