You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have deployed Wazuh based on the kubernetes manifests in this repo (using v4.7.5). I have made some adjustments to the manifests, and everything works as expected. I have been able to integrate Wazuh agents, integrate AWS cloudwatch logs, but am running into an issue for Google cloud integration.
I am trying to integrate Wazuh with Google Cloud Pub/Sub messaging and ingestion service using the Wazuh module for Google Cloud Pub/Sub. I setup everything on Google Cloud and Wazuh's side using the steps mentioned at: pubsub.html.
While looking at logs (after enabling debug logging), I saw the following logs messages:
Nov 4, 2024 @ 16:38:50.000 wazuh-modulesd:gcp-pubsub DEBUG Starting fetching of logs.
Nov 4, 2024 @ 16:38:50.000 wazuh-modulesd:gcp-pubsub DEBUG Create argument list
Nov 4, 2024 @ 16:38:50.000 wazuh-modulesd:gcp-pubsub DEBUG Launching command: wodles/gcloud/gcloud --integration_type pubsub --project wazuhproject-139305 --subscription_id gcpfindings --credentials_file /var/ossec/wodles/gcloud/credentials.json --max_messages 100 --num_threads 1 --log_level 2
Nov 4, 2024 @ 16:38:51.000 wazuh-modulesd:gcp-pubsub WARNING Command returned exit code 1
Nov 4, 2024 @ 16:38:51.000 wazuh-modulesd:gcp-pubsub DEBUG Fetching logs finished.
Nov 4, 2024 @ 16:38:51.000 wazuh-modulesd:gcp-pubsub DEBUG Sleeping until: 2024/11/05 00:39:50
Since this log didn't show a useful error message, I attached to the running container for wazuh-manager, and ran the following command:
root@wazuh-manager-master-0:/var/ossec# wodles/gcloud/gcloud --integration_type pubsub --project wazuhproject-439604 --subscription_id gcpfindings-sub --credentials_file /var/ossec/wodles/gcloud/credentials.json --max_messages 100 --num_threads 1 --log_level 2
Traceback (most recent call last):
File "/var/ossec/wodles/gcloud/gcloud.py", line 12, in <module>
import exceptions
ModuleNotFoundError: No module named 'exceptions'
root@wazuh-manager-master-0:/var/ossec#
As you can see, it seems that the google cloud module script doesn't have the necessary Python dependencies installed in the wazuh-manager container. Does it seem correct, or am I missing something?
Note: I have also tried with kubernetes manifest versions v4.7.0 and v4.5.0, and gotten same results.
The text was updated successfully, but these errors were encountered:
I have deployed Wazuh based on the kubernetes manifests in this repo (using v4.7.5). I have made some adjustments to the manifests, and everything works as expected. I have been able to integrate Wazuh agents, integrate AWS cloudwatch logs, but am running into an issue for Google cloud integration.
I am trying to integrate Wazuh with Google Cloud Pub/Sub messaging and ingestion service using the Wazuh module for Google Cloud Pub/Sub. I setup everything on Google Cloud and Wazuh's side using the steps mentioned at: pubsub.html.
While looking at logs (after enabling debug logging), I saw the following logs messages:
Since this log didn't show a useful error message, I attached to the running container for wazuh-manager, and ran the following command:
As you can see, it seems that the google cloud module script doesn't have the necessary Python dependencies installed in the wazuh-manager container. Does it seem correct, or am I missing something?
Note: I have also tried with kubernetes manifest versions v4.7.0 and v4.5.0, and gotten same results.
The text was updated successfully, but these errors were encountered: