From 851910e185dcf5ee4fae57744403c928b7273c16 Mon Sep 17 00:00:00 2001
From: CyberMind-FR <gandalf@Gk2.net>
Date: Sun, 15 Feb 2026 09:11:07 +0100
Subject: [PATCH] feat(wazuh): Add watchdog to wazuh-agent startup script

Adds a watchdog loop that checks every 60 seconds if wazuh-agentd
is running and automatically restarts the Wazuh service if it stops.

Fixes agent disconnection issues caused by wazuh-agentd process dying.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 .../srv/wazuh-agent/start-wazuh-agent.sh      | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 package/secubox/secubox-wazuh-manager/files/srv/wazuh-agent/start-wazuh-agent.sh

diff --git a/package/secubox/secubox-wazuh-manager/files/srv/wazuh-agent/start-wazuh-agent.sh b/package/secubox/secubox-wazuh-manager/files/srv/wazuh-agent/start-wazuh-agent.sh
new file mode 100644
index 00000000..c7ab55fc
--- /dev/null
+++ b/package/secubox/secubox-wazuh-manager/files/srv/wazuh-agent/start-wazuh-agent.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+# Wazuh Agent LXC Container Startup Script
+# Includes watchdog to ensure wazuh-agentd stays running
+
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+export HOME=/root
+
+# DNS
+echo "nameserver 1.1.1.1" > /etc/resolv.conf
+
+# Start Wazuh agent
+if [ -x /var/ossec/bin/wazuh-control ]; then
+    /var/ossec/bin/wazuh-control start
+fi
+
+# Watchdog - check every 60 seconds if wazuh-agentd is running
+while true; do
+    sleep 60
+    if ! pgrep -x wazuh-agentd > /dev/null 2>&1; then
+        echo "[$(date)] WATCHDOG: wazuh-agentd not running, restarting..." >> /var/log/wazuh-watchdog.log
+        /var/ossec/bin/wazuh-control restart
+    fi
+done