Agent Spoofing - Multiple Hosts Using Same Agent after update to 8.5.3

Paradox · December 15, 2022, 9:17am

Hello,

since the update to ELS 8.5.3 we receive
"Agent Spoofing - Multiple Hosts Using Same Agent" messages. We were able to narrow down the message to be related to the DHCP integration. As soon as this is activated, these messages appear in the Elastic-Security Alerts. Is the problem already known?

greetings

wsouza · December 25, 2022, 11:39pm

After the stack update, did you check for updates to the integrations? It is also interesting to check your Policies if they do not have any indication of abnormalities.

system · January 22, 2023, 11:40pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Endpoint Agent two host showing in logs-* per host Beats elastic-agent	3	395	February 17, 2021
Elastic Agent Synthetics integration - How to separate hosts in icmp monitor Elastic Agent	1	217	September 28, 2022
Is it possible to install multiple agents concurrently on the same host? Elastic Agent	2	288	April 4, 2024
Elastic Endpoint Security with Elastic Agent Endpoint Security	16	3040	November 10, 2020
Large number of entries in `host.ip` of almost all logs from Elastic Agent Elastic Agent	1	283	September 28, 2022

Agent Spoofing - Multiple Hosts Using Same Agent after update to 8.5.3

Related topics