tools/debug/README.md
This folder contains several Python scripts designed to help debug, analyze, and interact with Wazuh internals. Each script targets a specific aspect of Wazuh's operation, such as querying sockets, sending messages, or analyzing performance data.
csv-stat.pyAnalyzes CSV files generated by performance tests. Reports CPU and RSS statistics for a specified daemon/process.
python3 csv-stat.py <DAEMON> <FILE>
<DAEMON>: Name of the process to filter.<FILE>: Path to the CSV file.queue-mitm.pyMan-in-the-middle tool for the Wazuh queue socket. Intercepts and forwards messages between daemons and the main queue socket for debugging and analysis.
python3 queue-mitm.py
sendmsg.pySends messages to the main Wazuh queue (analysisd/agentd). Useful for testing message handling and queue operations.
python3 sendmsg.py [-L] [message]
echo "msg" | python3 sendmsg.py
-L: Send the message in a loop until interrupted.message: Message to send (<id>:<location>:<log> format).socket-query.pySends queries to Wazuh module control sockets and prints the response. Useful for interacting with module APIs.
echo -n '{"command":"getconfig","parameters":{"section":"internal"}}' | python3 socket-query.py /var/wazuh-manager/queue/sockets/analysis
wdb-query.pyPerforms concurrent queries to the Wazuh DB (WDB) using multiple workers. Reads queries from stdin and prints formatted responses.
python3 wdb-query.py [WORKERS]
[WORKERS]: Number of concurrent connections (default: 8).