Package Details: wazuh-agent 4.7.4-1

Git Clone URL: https://aur.archlinux.org/wazuh-agent.git (read-only, click to copy)
Package Base: wazuh-agent
Description: Wazuh Agent actively protects Arch Linux systems with advanced threat prevention, detection, and response capabilities.
Upstream URL: https://wazuh.com/
Keywords: siem
Licenses: GPL2
Submitter: madara125
Maintainer: madara125 (MrHacker)
Last Packager: MrHacker
Votes: 3
Popularity: 0.139689
First Submitted: 2023-11-18 04:14 (UTC)
Last Updated: 2024-04-30 15:42 (UTC)

Latest Comments

slepy8 commented on 2024-04-10 15:53 (UTC)

I have the same problem with wazuh-agent

It will not start because of wazuh-execd

Black_file commented on 2024-01-22 08:16 (UTC) (edited on 2024-01-22 08:34 (UTC) by Black_file)

wazuh-agent does not start.

janv. 22 09:01:39 env[918]: Starting Wazuh v4.7.2...
janv. 22 09:01:40 env[918]: Started wazuh-execd...
janv. 22 09:01:50 env[918]: wazuh-agentd did not start
janv. 22 09:01:50 systemd[1]: wazuh-agent.service: Control process exited, code=exited, status=1/FAILURE

Try to restart:

janv. 22 09:01:50 systemd[1]: wazuh-agent.service: Unit process 966 (wazuh-execd) remains running after unit stopped.
janv. 22 09:01:50 systemd[1]: Failed to start Wazuh agent.

Same after force killing wazuh-execd, and same as launching manually 4.7.0 work correctly. Idk if it's package fault or problem in PKGBUILD.

ossec.log

2024/01/22 09:30:16 wazuh-execd: INFO: Started (pid: 33378).
2024/01/22 09:30:17 wazuh-agentd: ERROR: (1226): Error reading XML file 'etc/ossec.conf':  (line 0).
2024/01/22 09:33:05 wazuh-agentd: ERROR: (1226): Error reading XML file 'etc/ossec.conf':  (line 0).

Not a problem in ossec.conf, it worked with 4.7.0.

Best commented on 2024-01-19 18:13 (UTC)

why update to 4.7.1 when 4.7.2 is latest? modified PKGBUILD and running that here now.