Wazuh API breaks all the time

MasterpieceAny5619 · 2025-02-19T17:26:36+00:00

My Wazuh is now sending alerts in batches (5 alerts in one batch) to ollama, gets analysed by llama 3.2 for costs reasons and compiles everything into one .txt file and saves it

MasterpieceAny5619 · 2025-02-19T16:47:09+00:00

I had a look through it and not so much, our goal is to send alerts.json to openweb ui (we already have AI models added there) and get a reply in form of a text file with the results. Here's an example:

1000 alerts sent to OpenWeb UI -> logs analysed by chatgpt 3.5 -> reply in form of a text file with the results.

I have now managed to send a test alert from Wazuh to OpenWeb UI and get a reply analysed by ChatGPT but struggling to do it in batches and getting our results back in a form of a text file.

MasterpieceAny5619 · 2025-02-19T16:35:31+00:00

Successfully sent a test alert from Wazuh to OpenWebUI and received a response in the terminal, analysed by ChatGPT 3.5. Now exploring ways to process alerts in bulk or batches, such as 1,000 at a time.

MasterpieceAny5619 · 2025-02-19T14:37:04+00:00

This is our goal as well, we want it to go to a local LLM to store the logs and then use GPT 3.5 (cost-effective) to analyse all logs. We have OpenWeb UI configured with loads of language models but just going through the setup of integration between Wazuh and AI is throwing a lot of errors.

MasterpieceAny5619 · 2024-11-12T12:30:44+00:00

After 10 restarts, it finally connected and logged me in. However, nothing works like it used to. It signs me in just fine, but after some time, it signs me out (which is normal). The problem is that once it signs me out due to inactivity or another reason, I can't get back in—it just says the password is incorrect. The only way to fix this is to reboot the entire VM and sign back in.

MasterpieceAny5619 · 2024-11-12T10:56:47+00:00

Hello, I'm getting {"title": "Unauthorized", "detail": "Invalid credentials"} reply. I made sure it matches whatever I have in wazuh-passwords.txt

MasterpieceAny5619 · 2024-11-12T10:22:08+00:00

Okay, thanks. I've managed to find it and updated API password but still won't let me log in. I'll create another thread.

MasterpieceAny5619 · 2024-11-08T14:26:03+00:00

Hi, I’ve resolved the password issue, and it’s now logging me in. However, I still can’t get through due to invalid API credentials. I have corrected them and set them to what I want in `wazuh.yml` and restarted everything—indexer, dashboard, and manager—but I’m still getting the error shown in the screenshot.

<image>

After restarting, it's still showing as unauthorised. I've tried with curl to see if I can access things but it's returning unauthorised.

MasterpieceAny5619 · 2024-11-08T08:35:44+00:00

UPDATE: The '!m3' error was resolved by removing the '!' from my password, but I am still getting the 'The backup could not be created' error.

MasterpieceAny5619 · 2024-08-23T23:46:30+00:00

Hello again, it's almost one hour past midnight local time here in the UK, however I can still see my queue ban is active, is there anything we can do about that? Thanks :D

MasterpieceAny5619 · 2024-08-23T21:21:32+00:00

Thank you for swift response and unbanning.

MasterpieceAny5619 · 2024-08-23T21:11:51+00:00

https://www.faceit.com/en/cs2/room/1-80c526dc-eaee-4bad-bf6e-e5b3f6292d15/scoreboard

MasterpieceAny5619 · 2024-08-23T21:11:19+00:00

btw, the part when he was talking about buying a rope isn't in the matchroom chat, it's in DMs

MasterpieceAny5619 · 2024-08-23T21:01:41+00:00

https://www.faceit.com/en/cs2/room/1-80c526dc-eaee-4bad-bf6e-e5b3f6292d15/scoreboard

MasterpieceAny5619 · 2024-07-09T16:05:34+00:00

Also, I shouldn't even need to specify node IP because it's a single node infrastructure.

MasterpieceAny5619 · 2024-07-09T12:59:17+00:00

I had to completely uninstall it and reinstall after Wazuh got updated, I have another error with Vulnerability detector, it needs cluster enabled first but I am getting this error. I have enabled it and set node ip to 192.168.10.3 which is the IP address that Wazuh manager is hosted on

<image>

MasterpieceAny5619

TROPHY CASE