This is the documentation for Wazuh 3.2. Check out the docs for the latest version of Wazuh!

wodle name=”vulnerability-detector”

New in version 3.2.0.

XML section name

<wodle name="vulnerability-detector">
</wodle>

Configuration options of the Vulnerability detector wodle.

Options

Options Allowed values
disabled yes, no
interval A positive number (seconds)
run_on_start yes, no
update_ubuntu_oval yes, no
update_redhat_oval yes, no

disabled

Disable the Vulnerability detector wodle.

Default value no
Allowed values yes, no

interval

Time between vulnerabilities detections.

Default value 1d
Allowed values A positive number that should contain a suffix character indicating a time unit, such as, s (seconds), m (minutes), h (hours), d (days).

run_on_start

Runs updates and detections immediately when service is started.

Default value yes
Allowed values yes, no

update_ubuntu_oval

Updates the Ubuntu OVAL

Default value yes
Allowed values yes, no  
Allowed tags interval Time between Ubuntu OVAL updates.
Allowed values A positive number that should contain a suffix character indicating a time unit, such as, s (seconds), m (minutes), h (hours), d (days).
version Ubuntu OVAL versions to download.
Allowed values Compatible Ubuntu versions separated by commas.

update_redhat_oval

Updates the Redhat OVAL

Default value yes
Allowed values yes, no  
Allowed tags interval Time between Redhat OVAL updates.
Allowed values A positive number that should contain a suffix character indicating a time unit, such as, s (seconds), m (minutes), h (hours), d (days).
version Redhat OVAL versions to download.
Allowed values Compatible Redhat versions separated by commas.

Example of configuration

<wodle name="vulnerability-detector">
  <disabled>no</disabled>
  <interval>1d</interval>
  <run_on_start>yes</run_on_start>
  <update_ubuntu_oval interval="1d" version="16,14">yes</update_ubuntu_oval>
  <update_redhat_oval interval="1d" version="7,6">yes</update_redhat_oval>
</wodle>

Note

See the Vulnerability detector section to obtain more information about this module.