Description

We need to remove the current health-check process and replace it with a non-blocking background status validation process. The new approach focuses on improving reliability, performance, and user experience without fully blocking the dashboard after the initial service startup.

Updated Design

Initial Health Check (Startup)

When the Wazuh Dashboard service starts, it will perform an initial blocking health check to validate:

• That the wazuh.yml configuration is valid.
• There is connectivity with at least one reachable Wazuh API.
• The Wazuh API version is compatible.
• Index pattern existence will be checked but will not be blocking, since it can be resolved dynamically and may vary per tenant.

If any of the required checks fail, the app will remain on the Wazuh dashboard is not ready yet screen. A retry mechanism will be in place to handle temporary issues.

Post-Startup Health Monitoring

If the initial check passes and the dashboard is running, subsequent failures (e.g., API goes down or an index pattern is manually deleted) will not block the UI. Instead:

• A non-intrusive status indicator (e.g., notification bell) will inform users of issues.
• UI components should periodically request the latest health status (stored in memory on the server).
• If a request fails due to a health check condition, the related UI component should update the health-check state accordingly, but the rest of the dashboard remains functional.

Dynamic Index Pattern Recovery

Dashboards already include logic to create required index patterns if they are missing. This behavior will remain to allow recovery without interrupting the user workflow.

Configuration

All health check settings will be defined in the opensearch_dashboard.yml file. This makes them accessible to native services in the fork without requiring Wazuh plugin dependencies.

Tasks

• Create a new health check service
• Create a health check scheduled cronjob
• Add UI indicator (notification or similar) for degraded states
• Remove frontend health check and redirections
• Review settings that needs the health check
• Remove redirection on demand of health check in Miscellaneus
• Remove customization.logo.healthcheck setting
• Remove checks.* settings
• Add data source error initialization prompt
  • Dashboard tab of modules
  • Events tab of modules
  • MITRE ATT&CK > Framework tab
  • PCI DSS, GDPR, HIPAA, NIST 800-53, TSC > Controls tab
  • Recent events in flyouts
  • Cluster tab
  • Statistics tab
• Feedback 2025-08-21
  • Remove the critical state of server API connection-compatbility

Problems

• Read-only users can create index patterns through the internal user running the related check
• Wrapping views with the requirements of checks, could cause problems for the users that are using another context different to the global tenant if they did not pass.