Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support new fields of Windows Registry at FIM inventory panel #2679

Closed
vikman90 opened this issue Dec 2, 2020 · 0 comments
Closed

Support new fields of Windows Registry at FIM inventory panel #2679

vikman90 opened this issue Dec 2, 2020 · 0 comments
Assignees
@snaow @CPAlejandro
Milestone
Sprint 122 - WUI

Comments

@vikman90
Copy link
Member

vikman90 commented Dec 2, 2020

Issue wazuh/wazuh#5576 introduces new improvements in the Windows Registry monitorization (FIM). The API and Framework added changes to the endpoint to support those improvements (issue wazuh/wazuh#6398 / PR wazuh/wazuh#6551).

However, those changes seem to cause the Inventory panel to hang.

Screenshot

image

Debug logs

This is the API log, where we noted that the App is mixing queries to /syscheck/003 with different sets of parameters, some of them produce error 400.

Successful call

2020/12/01 18:25:15 DEBUG: Getting data and status code
2020/12/01 18:25:15 DEBUG: Receiving parameters {'username': 'wazuh', 'roles': [1], 'token_nbf_time': 1606841988, 'run_as': False}
2020/12/01 18:25:15 DEBUG: Starting to execute request locally
2020/12/01 18:25:15 DEBUG: Finished executing request locally
2020/12/01 18:25:15 DEBUG: Time calculating request result: 0.42101383209228516s
2020/12/01 18:25:15 DEBUG: Receiving parameters {}
2020/12/01 18:25:15 DEBUG: Starting to execute request locally
2020/12/01 18:25:15 DEBUG: Finished executing request locally
2020/12/01 18:25:15 DEBUG: Time calculating request result: 0.008790254592895508s
2020/12/01 18:25:15 DEBUG: Receiving parameters {'agent_list': ['003'], 'offset': 0, 'limit': 15, 'sort': {'fields': ['file'], 'order': 'asc'}, 'summary': False, 'filters': {'type': 'file'}, 'distinct': False}
2020/12/01 18:25:15 DEBUG: Receiving parameters {'agent_list': ['003'], 'offset': 0, 'limit': 15, 'sort': {'fields': ['file'], 'order': 'asc'}, 'summary': False, 'filters': {'type': 'file'}, 'distinct': False}
2020/12/01 18:25:15 DEBUG: Starting to execute request locally
2020/12/01 18:25:15 DEBUG: Finished executing request locally
2020/12/01 18:25:15 DEBUG: Time calculating request result: 0.13935637474060059s
2020/12/01 18:25:15 INFO: wazuh 192.168.33.21 "GET /syscheck/003" done in 608.0000000001746ms: 200

Failing call

2020/12/01 18:25:16 DEBUG: Getting data and status code
2020/12/01 18:25:16 DEBUG: Receiving parameters {'username': 'wazuh', 'roles': [1], 'token_nbf_time': 1606841988, 'run_as': False}
2020/12/01 18:25:16 DEBUG: Starting to execute request locally
2020/12/01 18:25:16 DEBUG: Finished executing request locally
2020/12/01 18:25:16 DEBUG: Time calculating request result: 0.4302091598510742s
2020/12/01 18:25:16 DEBUG: Receiving parameters {}
2020/12/01 18:25:16 DEBUG: Starting to execute request locally
2020/12/01 18:25:16 DEBUG: Finished executing request locally
2020/12/01 18:25:16 DEBUG: Time calculating request result: 0.015842676162719727s
2020/12/01 18:25:16 INFO: wazuh 192.168.33.21 "GET /syscheck/003" done in 462.0000000013533ms: 400
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@snaow snaow

@CPAlejandro CPAlejandro

Labels
None yet
Projects
None yet
Milestone
Sprint 122 - WUI
Development

No branches or pull requests
4 participants
@snaow @vikman90 @CPAlejandro @frankeros