Once an agent is installed on a machine to be monitored, it must be registered with the Wazuh server in order to establish communication. Take a look at The registration process.
A registered agent will remain in the manager until it is removed by the user. There are four different states that an agent may be in at any given time, as shown in the image below:
Never connected: The agent has been registered but has not yet connected to the manager.
Pending. The authentication process is pending: The manager has received a request for connection from the agent but has not received anything else. This may indicate a firewall issue. The agent will be in this state one time in its life cycle after each startup.
Active: The agent has successfully connected and can now communicate with the manager.
Disconnected: The manager will consider the agent disconnected if it does not receive any
keep alivemessages within agents_disconnection_time (10m default time).