Date: Fri, 10 Apr 2026 11:12:09 +0000 From: Lorenzo Salvadore <salvadore@FreeBSD.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org Cc: =?utf-8?Q?Jes=C3=BAs?= Daniel Colmenares Oviedo <dtxdf@FreeBSD.org> Subject: git: 9f26ca8079 - main - Status/2026Q1/wazuh.adoc: Add report Message-ID: <69d8db09.229fa.40e08eaa@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by salvadore: URL: https://cgit.FreeBSD.org/doc/commit/?id=9f26ca80793e63aaf97f45babafe2e42beed5b2d commit 9f26ca80793e63aaf97f45babafe2e42beed5b2d Author: Jesús Daniel Colmenares Oviedo <dtxdf@FreeBSD.org> AuthorDate: 2026-04-10 10:45:50 +0000 Commit: Lorenzo Salvadore <salvadore@FreeBSD.org> CommitDate: 2026-04-10 11:11:50 +0000 Status/2026Q1/wazuh.adoc: Add report --- .../en/status/report-2026-01-2026-03/wazuh.adoc | 70 ++++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/website/content/en/status/report-2026-01-2026-03/wazuh.adoc b/website/content/en/status/report-2026-01-2026-03/wazuh.adoc new file mode 100644 index 0000000000..aee4e6923d --- /dev/null +++ b/website/content/en/status/report-2026-01-2026-03/wazuh.adoc @@ -0,0 +1,70 @@ +=== Wazuh on FreeBSD + +Links: + +link:https://wazuh.com[Wazuh] URL: link:https://wazuh.com[] + +Contact: José Alonso Cárdenas Márquez <acm@FreeBSD.org> + +Contact: Jesús Daniel Colmenares Oviedo <dtxdf@FreeBSD.org> + +Wazuh is a free and open source platform used for threat prevention, detection, and response. +It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. + +Wazuh solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents. +Besides, Wazuh has been fully integrated with the Elastic Stack or OpenSearch Stack, providing a search engine and data visualization tool that allows users to navigate through their security alerts. + +A lot has happened this quarter. +Numerous improvements and bug fixes to enhance FreeBSD's support with this excellent XDR/SIEM and security platform. + +* We have created a repository on GitHub to centralize the work and reduce patches in the manager and the agent. +Links: link:https://github.com/alonsobsd/wazuh-freebsd[Repository], link:https://cgit.freebsd.org/ports/commit/?id=b1f52980fe0a34ccaa674408c92869aec9aac4fe[b1f5298] +* Python bundle has been updated to 3.11.15. +Link: link:https://cgit.freebsd.org/ports/commit/?id=c941e5b33dea22c240b2b0bb53dd191bb1e8da4a[c941e5b] +* An issue that prevented wazuh-manager from starting when the MYSQL option was enabled has been fixed. +Link: link:https://cgit.freebsd.org/ports/commit/?id=c941e5b33dea22c240b2b0bb53dd191bb1e8da4a[c941e5b] +* A parsing issue in sysinfo's `getPorts()` function has been fixed. +Link: link:https://cgit.freebsd.org/ports/commit/?id=35fcd6a4cc00bedfe350da9503d4d09d3e914006[35fcd6a] +* Support for FreeBSD has been added to asyncinotify library that prevents Wazuh API starting correctly. +Link: link:https://cgit.freebsd.org/ports/commit/?id=35fcd6a4cc00bedfe350da9503d4d09d3e914006[35fcd6a] +* Now Wazuh uses OpenSearch Dashboards 2.19.4. +Link: link:https://cgit.freebsd.org/ports/commit/?id=b1f52980fe0a34ccaa674408c92869aec9aac4fe[b1f5298] +* sysinfo module can now obtain users and groups information. +Link: link:https://cgit.freebsd.org/ports/commit/?id=e9cebac52c06bab51b406304d7e5a6397fddec77[e9cebac] +* An issue between the agent and the manager that prevented a successful active state for TCP connections has been fixed, and now this protocol is the default instead of UDP. +Link: link:https://cgit.freebsd.org/ports/commit/?id=055d5c96c56d8cc876451ccb9b0eb80bcac8d72a[055d5c9], link:https://cgit.freebsd.org/ports/commit/?id=508a8c8d4b9b836cc1effee7b5f462a53c644501[508a8c8] +* FreeBSD SCA, decoders and rules files were updated, fixing conflict issues. +Links: link:https://cgit.freebsd.org/ports/commit/?id=055d5c96c56d8cc876451ccb9b0eb80bcac8d72a[055d5c9], link:https://cgit.freebsd.org/ports/commit/?id=508a8c8d4b9b836cc1effee7b5f462a53c644501[508a8c8] +* A problem with Python scripts in the manager prevented their correct execution when the `CRYPTOGRAPHY_OPENSSL_NO_LEGACY` environment variable is not set. +Link: link:https://cgit.freebsd.org/ports/commit/?id=8bd6c77634f475a0ff31bda46b4c04f91fa74d79[8bd6c77] +* The sysinfo's `getSerialNumber()` function has been improved, so the manager and the agent can now use the `kern.hostuuid` sysctl to uniquely identify devices. +Link: link:https://cgit.freebsd.org/ports/commit/?id=284813ec0382a2bfe5b2e74a3081a67599d3155d[284813e] +* An issue in wazuh-modulesd has been fixed that caused a SIGSEGV while decompressing the vulnerability detection database and accesses to an unitialized structure. +Link: link:https://cgit.freebsd.org/ports/commit/?id=d3c13b6b24ec7d9be58f0ebd3a2c7d0a2e7b7d79[d3c13b6] +* An issue in the agent has been fixed that caused a "permission error" due to an incorrect owner in the [.filename]#etc/clients.keys# file. +Link: link:https://cgit.freebsd.org/ports/commit/?id=c74ab75450040f0367851979ff46cd64d74d6a1f[c74ab75] +* package:security/wazuh-server[] switched from beats7 to beats8. +Link: link:https://cgit.freebsd.org/ports/commit/?id=ce6831e12ecbcdbce6a1b4fb2988b9663e370a78][ce6831e] +* Fixed a segmentation fault in wazuh-modulesd when man:pkg[8] is not installed on the system and sysinfo's `getPackages()` function is trying to obtain information about installed packages. +Now this function has been reimplemented to use SQLite. +Link: link:https://cgit.freebsd.org/ports/commit/?id=ff957155fa2a7ee01ceeec45b1fb75d80f856c58[ff95715], link:https://cgit.freebsd.org/ports/commit/?id=a4242bfeafc2dd423cf145060abb9b5562958c72[a4242bf] +* Apply man:dos2unix[1] to Wazuh API's [.filename]#api.yaml# file. +Link: link:https://cgit.freebsd.org/ports/commit/?id=a4242bfeafc2dd423cf145060abb9b5562958c72[a4242bf] +* An issue with wazuh-apid has been fixed that prevents it to start correctly, marking itself as DOWN, when `security.bsd.see_other_{u,g}ids` is set to `0`. +Link: link:https://cgit.freebsd.org/ports/commit/?id=c86d3fc116b3437ff3351e8e886926175aaec2b1[c86d3fc] +* A page has been created on the FreeBSD wiki to centralize the work we have done and what remains to be done. +Link: link:https://wiki.FreeBSD.org/Wazuh[Wiki] + +Makejails for Wazuh has been improved and now mimics the official Dockerfiles, so users familiar with it can easily deploy all Wazuh components using link:https://github.com/DtxdF/AppJail[AppJail] and link:https://github.com/DtxdF/director[Director]: + +* link:https://github.com/AppJail-makejails/wazuh-manager[wazuh-manager] +* link:https://github.com/AppJail-makejails/wazuh-agent[wazuh-agent] +* link:https://github.com/AppJail-makejails/wazuh-indexer[wazuh-indexer] +* link:https://github.com/AppJail-makejails/wazuh-certs-tool[wazuh-certs-tool] +* link:https://github.com/AppJail-makejails/wazuh-dashboard[wazuh-dashboard] + +This also adds cluster-mode infrastructure for Makejails. + +Vulnerability detection is not yet implemented in FreeBSD, but link:https://github.com/DtxdF/serpico[Serpico] has been developed to address this deficiency. +Serpico is a security scanner for FreeBSD packages and releases that compares versions against a list of versions marked as vulnerable and displays vulnerability information in a compact JSON format for easy analysis with other security tools. +The package includes rules for Wazuh and a dashboard that can be easily installed via the web-UI or the OpenSearch Dashboards API. + +Current version: 4.14.3home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69d8db09.229fa.40e08eaa>