r/Wazuh

Hello all, Wazuh fighters :),

I would like to ask regarding possibilities to keep agents "up to date" with Manager version, but in the completely offline environment. The main restriction is that neither Wazuh servers nor endpoints with agent installed have access to the internet. No proxy solution is possible, at least not at the moment.

So, i would like to know if there is a way how to do it. I was thinking about to be able to sideload agent packages from some official Wazuh repo / storage, upload them manually to some specific FS location on manager and trigger the update process from GUI or via CLI tool. Would something like this be possible? Is there official support for such a process?

Is there somebody who actually used this approach and it worked, is working?

I would be verry thankful for any suggestions, advices.

Thanks in advanced

Lukas

Good evening,

Qualys reported several vulnerabilities affecting Packetbeat, specifically ESA-2025-30 and ESA-2025-31, but I’m not sure how to mitigate them.

I tried updating Packetbeat, but it reports that we’re already running the latest available version in our environment (7.10.2). I’d rather not upgrade to a different major branch because it could introduce compatibility issues.

Has anyone already dealt with these vulnerabilities? How did you mitigate them?

Also, is Wazuh actually vulnerable to these issues, or do they only affect standalone Packetbeat deployments?

Any guidance would be appreciated. Thanks!

Bonjour,

Je souhaite superviser mes wazuh managers. Est ec que je peux installer des wazuh-agebt dessus ?

Je constate que certaines logs sont remontées cependant beaucoup de fonctionnalités sont indisponibles comme le configuration assessment ou le scan de vulnérabilité. Je ne sais pas comment gérer le tout de manière centralisée et avoir la visualisation. Quelles sont les bonnes pratiques ?

Merci d'avance