Skip to content

Instantly share code, notes, and snippets.

@skywalkerisnull

skywalkerisnull/ossec.log

Created August 5, 2023 02:00
Show Gist options
  • Save skywalkerisnull/d1db45caa25e90a35a32ce48286eba21 to your computer and use it in GitHub Desktop.
Save skywalkerisnull/d1db45caa25e90a35a32ce48286eba21 to your computer and use it in GitHub Desktop.
Download ZIP
cat /var/ossec/logs/ossec.log | grep -i 'vuln'
Raw
ossec.log
2023/08/05 01:55:41 wazuh-modulesd[35923] wmodules-vuln-detector.c:656 at wm_vuldet_read_provider(): DEBUG: Added canonical (bionic) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
2023/08/05 01:55:41 wazuh-modulesd[35923] wmodules-vuln-detector.c:656 at wm_vuldet_read_provider(): DEBUG: Added canonical (focal) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
2023/08/05 01:55:41 wazuh-modulesd[35923] wmodules-vuln-detector.c:714 at wm_vuldet_read_provider(): DEBUG: Added msu feed. Interval: 3600s | Multi path: 'none' | Multi url: 'none' | Update since: 0 | Timeout: 300s
2023/08/05 01:55:41 wazuh-modulesd[35923] wmodules-vuln-detector.c:714 at wm_vuldet_read_provider(): DEBUG: Added nvd feed. Interval: 3600s | Multi path: 'none' | Multi url: 'none' | Update since: 2010 | Timeout: 300s
2023/08/05 01:55:45 wazuh-modulesd[36006] wmodules-vuln-detector.c:656 at wm_vuldet_read_provider(): DEBUG: Added canonical (bionic) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
2023/08/05 01:55:45 wazuh-modulesd[36006] wmodules-vuln-detector.c:656 at wm_vuldet_read_provider(): DEBUG: Added canonical (focal) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
2023/08/05 01:55:45 wazuh-modulesd[36006] wmodules-vuln-detector.c:714 at wm_vuldet_read_provider(): DEBUG: Added msu feed. Interval: 3600s | Multi path: 'none' | Multi url: 'none' | Update since: 0 | Timeout: 300s
2023/08/05 01:55:45 wazuh-modulesd[36006] wmodules-vuln-detector.c:714 at wm_vuldet_read_provider(): DEBUG: Added nvd feed. Interval: 3600s | Multi path: 'none' | Multi url: 'none' | Update since: 2010 | Timeout: 300s
2023/08/05 01:56:00 wazuh-modulesd[36505] wmodules-vuln-detector.c:656 at wm_vuldet_read_provider(): DEBUG: Added canonical (bionic) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
2023/08/05 01:56:00 wazuh-modulesd[36505] wmodules-vuln-detector.c:656 at wm_vuldet_read_provider(): DEBUG: Added canonical (focal) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s
2023/08/05 01:56:00 wazuh-modulesd[36505] wmodules-vuln-detector.c:714 at wm_vuldet_read_provider(): DEBUG: Added msu feed. Interval: 3600s | Multi path: 'none' | Multi url: 'none' | Update since: 0 | Timeout: 300s
2023/08/05 01:56:00 wazuh-modulesd[36505] wmodules-vuln-detector.c:714 at wm_vuldet_read_provider(): DEBUG: Added nvd feed. Interval: 3600s | Multi path: 'none' | Multi url: 'none' | Update since: 2010 | Timeout: 300s
2023/08/05 01:56:00 wazuh-modulesd[36505] main.c:95 at main(): DEBUG: Created new thread for the 'vulnerability-detector' module.
2023/08/05 01:56:00 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5233 at wm_vuldet_check_feed(): INFO: (5400): Starting 'Ubuntu Bionic' database update.
2023/08/05 01:56:02 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:kernel.randomize_va_space\s*=)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:02 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (!r:\s=\s*2\s+|\s=\s*2$)(# These settings eliminate an entire class of security vulnerability:) -> 1
2023/08/05 01:56:02 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:kernel.randomize_va_space\s*= && !r:\s=\s*2\s+|\s=\s*2$)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:02 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:kernel.randomize_va_space\s*= && !r:\s=\s*2\s+|\s=\s*2$)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:02 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:kernel.randomize_va_space\s*=)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:02 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (!r:\s=\s*2\s+|\s=\s*2$)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 1
2023/08/05 01:56:02 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:kernel.randomize_va_space\s*= && !r:\s=\s*2\s+|\s=\s*2$)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:02 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:kernel.randomize_va_space\s*= && !r:\s=\s*2\s+|\s=\s*2$)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:02 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:kernel.randomize_va_space\s*=)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:02 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (!r:\s=\s*2\s+|\s=\s*2$)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 1
2023/08/05 01:56:02 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:kernel.randomize_va_space\s*= && !r:\s=\s*2\s+|\s=\s*2$)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:02 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:kernel.randomize_va_space\s*= && !r:\s=\s*2\s+|\s=\s*2$)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.send_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.send_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.secure_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.secure_redirects\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.log_martians\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.log_martians\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.all.rp_filter\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv4.conf.default.rp_filter\s*=\s*1)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv6.conf.all.accept_ra\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# These settings eliminate an entire class of security vulnerability:) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# filenames (generally seen as "/tmp file race" vulnerabilities).) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1909 at wm_sca_pattern_matches(): DEBUG: Testing minterm (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1912 at wm_sca_pattern_matches(): DEBUG: Pattern test result: (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:10 sca[36505] wm_sca.c:1515 at wm_sca_check_file_contents(): DEBUG: (r:^\s*net.ipv6.conf.default.accept_ra\s*=\s*0)(# vulnerabilities. (Added in kernel 2.6.23.)) -> 0
2023/08/05 01:56:15 wazuh-modulesd[36505] url.c:424 at wurl_request_uncompress_bz2_gz(): DEBUG: File from URL 'https://security-metadata.canonical.com/oval/com.ubuntu.bionic.cve.oval.xml.bz2' was successfully uncompressed into 'tmp/vuln-temp'
2023/08/05 01:56:15 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:4965 at wm_vuldet_fetch_oval(): DEBUG: (5406): The feed 'Ubuntu Bionic' is in its latest version.
2023/08/05 01:56:15 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5256 at wm_vuldet_check_feed(): INFO: (5430): The update of the 'Ubuntu Bionic' feed finished successfully.
2023/08/05 01:56:15 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5233 at wm_vuldet_check_feed(): INFO: (5400): Starting 'Ubuntu Focal' database update.
2023/08/05 01:56:24 wazuh-modulesd[36505] url.c:424 at wurl_request_uncompress_bz2_gz(): DEBUG: File from URL 'https://security-metadata.canonical.com/oval/com.ubuntu.focal.cve.oval.xml.bz2' was successfully uncompressed into 'tmp/vuln-temp'
2023/08/05 01:56:24 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:4970 at wm_vuldet_fetch_oval(): DEBUG: (5407): The feed 'Ubuntu Focal' is outdated. Fetching the last version.
2023/08/05 01:56:24 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:4747 at wm_vuldet_oval_process(): DEBUG: (5411): Starting preparse step of feed 'FOCAL'
2023/08/05 01:56:24 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:4752 at wm_vuldet_oval_process(): DEBUG: (5412): Starting parse step of feed 'FOCAL'
2023/08/05 01:56:40 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:4894 at wm_vuldet_index_feed(): DEBUG: (5414): Refreshing 'Ubuntu Focal' databases.
2023/08/05 01:56:42 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:3273 at wm_vuldet_insert(): DEBUG: (5415): Inserting vulnerabilities.
2023/08/05 01:56:42 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:3343 at wm_vuldet_insert(): DEBUG: (5419): Inserting Ubuntu Focal vulnerabilities section.
2023/08/05 01:56:52 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:3444 at wm_vuldet_insert(): DEBUG: (5422): Inserting 'Ubuntu Focal' vulnerabilities references.
2023/08/05 01:56:53 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:3497 at wm_vuldet_insert(): DEBUG: (5423): Inserting 'Ubuntu Focal' vulnerabilities conditions.
2023/08/05 01:56:57 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:3571 at wm_vuldet_insert(): DEBUG: (5424): Inserting 'Ubuntu Focal' vulnerabilities package names.
2023/08/05 01:56:57 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:3613 at wm_vuldet_insert(): DEBUG: (5425): Inserting 'Ubuntu Focal' vulnerabilities package variables.
2023/08/05 01:56:58 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:3657 at wm_vuldet_insert(): DEBUG: (5426): Inserting 'Ubuntu Focal' vulnerabilities information.
2023/08/05 01:56:59 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:4900 at wm_vuldet_index_feed(): DEBUG: (5427): Refresh of 'Ubuntu Focal' database finished.
2023/08/05 01:56:59 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:4911 at wm_vuldet_index_feed(): DEBUG: remove(tmp/vuln-temp.bz2): No such file or directory
2023/08/05 01:56:59 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5256 at wm_vuldet_check_feed(): INFO: (5430): The update of the 'Ubuntu Focal' feed finished successfully.
2023/08/05 01:56:59 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5233 at wm_vuldet_check_feed(): INFO: (5400): Starting 'National Vulnerability Database' database update.
2023/08/05 01:56:59 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2010' of the vulnerability database.
2023/08/05 01:56:59 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2010.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:00 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2011' of the vulnerability database.
2023/08/05 01:57:00 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2011.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:01 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2012' of the vulnerability database.
2023/08/05 01:57:01 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2012.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:01 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2013' of the vulnerability database.
2023/08/05 01:57:01 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2013.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:02 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2014' of the vulnerability database.
2023/08/05 01:57:02 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2014.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:03 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2015' of the vulnerability database.
2023/08/05 01:57:03 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:03 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2016' of the vulnerability database.
2023/08/05 01:57:03 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2016.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:04 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2017' of the vulnerability database.
2023/08/05 01:57:04 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2017.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:05 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2018' of the vulnerability database.
2023/08/05 01:57:05 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2018.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:05 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2019' of the vulnerability database.
2023/08/05 01:57:05 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2019.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:06 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2020' of the vulnerability database.
2023/08/05 01:57:06 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2020.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:07 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2021' of the vulnerability database.
2023/08/05 01:57:07 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2021.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:07 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2022' of the vulnerability database.
2023/08/05 01:57:07 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2022.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:08 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2943 at wm_vuldet_update_feed(): DEBUG: (5401): Synchronizing the year '2023' of the vulnerability database.
2023/08/05 01:57:08 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2023.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5256 at wm_vuldet_check_feed(): INFO: (5430): The update of the 'National Vulnerability Database' feed finished successfully.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5235 at wm_vuldet_check_feed(): DEBUG: (5400): Starting 'Wazuh CPE dictionary' database update.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:7287 at wm_vuldet_fetch_wazuh_cpe(): DEBUG: (5406): The feed 'Wazuh CPE dictionary' is in its latest version.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5258 at wm_vuldet_check_feed(): DEBUG: (5400): Starting 'Wazuh CPE dictionary' database update.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5233 at wm_vuldet_check_feed(): INFO: (5400): Starting 'Microsoft Security Update' database update.
2023/08/05 01:57:09 wazuh-modulesd:download[36505] wm_download.c:231 at wm_download_dispatch(): DEBUG: Downloading 'https://feed.wazuh.com/vulnerability-detector/windows/msu-updates.meta' to 'tmp/vuln-temp'
2023/08/05 01:57:09 wazuh-modulesd:download[36505] wm_download.c:251 at wm_download_dispatch(): DEBUG: Download of 'https://feed.wazuh.com/vulnerability-detector/windows/msu-updates.meta' finished.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:7120 at wm_vuldet_check_feed_metadata(): DEBUG: (5406): The feed 'Microsoft Security Update' is in its latest version.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5256 at wm_vuldet_check_feed(): INFO: (5430): The update of the 'Microsoft Security Update' feed finished successfully.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:8490 at wm_vuldet_run_scan(): INFO: (5431): Starting vulnerability scan.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2817 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5439): A partial scan will be run on agent '000'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5691 at wm_vuldet_collect_agent_software(): DEBUG: (5437): Collecting agent '000' software.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2836 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5450): Analyzing agent '000' vulnerabilities.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2855 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5471): Finished vulnerability assessment for agent '000'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2856 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5470): It took '0' seconds to 'scan' vulnerabilities in agent '000'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2817 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5439): A partial scan will be run on agent '002'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5691 at wm_vuldet_collect_agent_software(): DEBUG: (5437): Collecting agent '002' software.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2836 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5450): Analyzing agent '002' vulnerabilities.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2855 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5471): Finished vulnerability assessment for agent '002'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2856 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5470): It took '0' seconds to 'scan' vulnerabilities in agent '002'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2817 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5439): A partial scan will be run on agent '003'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5691 at wm_vuldet_collect_agent_software(): DEBUG: (5437): Collecting agent '003' software.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2836 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5450): Analyzing agent '003' vulnerabilities.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2855 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5471): Finished vulnerability assessment for agent '003'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2856 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5470): It took '0' seconds to 'scan' vulnerabilities in agent '003'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2817 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5439): A partial scan will be run on agent '004'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5691 at wm_vuldet_collect_agent_software(): DEBUG: (5437): Collecting agent '004' software.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2836 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5450): Analyzing agent '004' vulnerabilities.
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2855 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5471): Finished vulnerability assessment for agent '004'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2856 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5470): It took '0' seconds to 'scan' vulnerabilities in agent '004'
2023/08/05 01:57:09 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2817 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5439): A partial scan will be run on agent '005'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5691 at wm_vuldet_collect_agent_software(): DEBUG: (5437): Collecting agent '005' software.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2836 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5450): Analyzing agent '005' vulnerabilities.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2855 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5471): Finished vulnerability assessment for agent '005'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2856 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5470): It took '1' seconds to 'scan' vulnerabilities in agent '005'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2817 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5439): A partial scan will be run on agent '006'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5691 at wm_vuldet_collect_agent_software(): DEBUG: (5437): Collecting agent '006' software.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2836 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5450): Analyzing agent '006' vulnerabilities.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2855 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5471): Finished vulnerability assessment for agent '006'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2856 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5470): It took '0' seconds to 'scan' vulnerabilities in agent '006'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2817 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5439): A partial scan will be run on agent '007'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5691 at wm_vuldet_collect_agent_software(): DEBUG: (5437): Collecting agent '007' software.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2836 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5450): Analyzing agent '007' vulnerabilities.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2855 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5471): Finished vulnerability assessment for agent '007'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2856 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5470): It took '0' seconds to 'scan' vulnerabilities in agent '007'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2817 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5439): A partial scan will be run on agent '009'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:5691 at wm_vuldet_collect_agent_software(): DEBUG: (5437): Collecting agent '009' software.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2836 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5450): Analyzing agent '009' vulnerabilities.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2855 at wm_vuldet_check_agent_vulnerabilities(): INFO: (5471): Finished vulnerability assessment for agent '009'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:2856 at wm_vuldet_check_agent_vulnerabilities(): DEBUG: (5470): It took '0' seconds to 'scan' vulnerabilities in agent '009'
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:8505 at wm_vuldet_run_scan(): INFO: (5472): Vulnerability scan finished.
2023/08/05 01:57:10 wazuh-modulesd:vulnerability-detector[36505] wm_vuln_detector.c:8552 at wm_vuldet_run_sleep(): DEBUG: Sleeping for 300 seconds...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment