wazuh
diff --git a/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎source/_static/js/redirects.js‎
Lines changed: 6 additions & 0 deletions b/‎source/_static/js/redirects.js‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎source/user-manual/capabilities/vulnerability-detection/FAQ.rst‎
Lines changed: 0 additions & 102 deletions b/‎source/user-manual/capabilities/vulnerability-detection/FAQ.rst‎
Lines changed: 0 additions & 102 deletions
diff --git a/‎source/user-manual/capabilities/vulnerability-detection/configuring-scans.rst‎
Lines changed: 97 additions & 0 deletions b/‎source/user-manual/capabilities/vulnerability-detection/configuring-scans.rst‎
Lines changed: 97 additions & 0 deletions
diff --git a/‎source/user-manual/capabilities/vulnerability-detection/index.rst‎
Lines changed: 1 addition & 2 deletions b/‎source/user-manual/capabilities/vulnerability-detection/index.rst‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎source/user-manual/capabilities/vulnerability-detection/known-issues.rst‎
Lines changed: 0 additions & 133 deletions b/‎source/user-manual/capabilities/vulnerability-detection/known-issues.rst‎
Lines changed: 0 additions & 133 deletions
diff --git a/‎source/user-manual/capabilities/vulnerability-detection/troubleshooting.rst‎
Lines changed: 0 additions & 15 deletions b/‎source/user-manual/capabilities/vulnerability-detection/troubleshooting.rst‎
Lines changed: 0 additions & 15 deletions
@@ -10,6 +10,7 @@ All notable changes to this project will be documented in this file.
 ### Changed
 
 - **Post-release**: Updated the upgrade guide for Wazuh central components. ([#8934](https://github.com/wazuh/wazuh-documentation/pull/8934)) ([#8941](https://github.com/wazuh/wazuh-documentation/pull/8941)) ([#8944](https://github.com/wazuh/wazuh-documentation/pull/8944))
+- **Post-release**: Added indexer connector configuration steps to vulnerability detection documentation and removed troubleshooting section. ([#8942](https://github.com/wazuh/wazuh-documentation/pull/8942))
 
 ## [v4.13.0]
 
 
@@ -69,6 +69,12 @@ removedUrls['x.y'] = [
 
 /* *** RELEASE 4.13 ****/
 
+removedUrls['4.13'] = [
+  '/user-manual/capabilities/vulnerability-detection/troubleshooting.html',
+  '/user-manual/capabilities/vulnerability-detection/FAQ.html',
+  '/user-manual/capabilities/vulnerability-detection/known-issues.html',
+];
+
 /* Pages added in 4.13 */
 
 newUrls['4.13'] = [
 
@@ -24,6 +24,103 @@ Where:
 -  ``<index-status>`` enables the indexing of vulnerability inventory data. The default value is ``yes``. The allowed values are ``yes`` and ``no``.
 -  ``<feed-update-interval>`` specifies the time interval for periodic feed updates. The default value is ``60m`` (one hour), the minimum allowed. The allowed value is a positive number that contains a suffix character indicating a time unit, such as ``s`` (seconds), ``m`` (minutes), ``h`` (hours), and ``d`` (days).
 
+The detected vulnerabilities are forwarded to the Wazuh indexer for querying, visualization, and deeper analysis using the :doc:`indexer connector </user-manual/reference/ossec-conf/indexer>` setting. The indexer connector setting is enabled by default in the ``/var/ossec/etc/ossec.conf`` file of the Wazuh manager. 
+
+The indexer connector may be missing if the Wazuh manager is using an old configuration file or if vulnerability detection was disabled during installation. In such cases, follow the steps below to add the indexer connector setting. 
+
+#. Add the indexer connector configuration block below to the ``/var/ossec/etc/ossec.conf`` file on the Wazuh manager:
+
+   .. code-block:: xml
+
+      <indexer>
+        <enabled>yes</enabled>
+        <hosts>
+          <host>https://0.0.0.0:9200</host>
+        </hosts>
+        <ssl>
+          <certificate_authorities>
+            <ca>/etc/filebeat/certs/root-ca.pem</ca>
+          </certificate_authorities>
+          <certificate>/etc/filebeat/certs/filebeat.pem</certificate>
+          <key>/etc/filebeat/certs/filebeat-key.pem</key>
+        </ssl>
+      </indexer>
+
+   Ensure:
+
+   -  The ``<hosts>`` section contains the IP address or hostname of your Wazuh indexer node. You can find this value in the Filebeat configuration file at ``/etc/filebeat/filebeat.yml``. 
+   -  The ``<ca>``, ``<certificate>``, and ``<key>`` names match the files located in ``/etc/filebeat/certs/``.
+
+#. If you are running a Wazuh indexer cluster infrastructure, add a ``<host>`` entry for each one of your Wazuh indexer nodes. For example, in a two-node configuration:
+
+   .. code-block:: xml
+
+      <hosts>
+        <host>https://10.0.0.1:9200</host>
+        <host>https://10.0.0.2:9200</host>
+      </hosts>
+
+   The Wazuh server will prioritize reporting to the first Wazuh indexer node in the list and switch to the next available node if the first one becomes unavailable.
+
+#. Save the Wazuh indexer username and password into the Wazuh manager keystore using the :doc:`Wazuh-keystore </user-manual/reference/tools/wazuh-keystore>` tool:
+
+   .. code-block:: console
+
+      # echo '<WAZUH_INDEXER_USERNAME>' | /var/ossec/bin/wazuh-keystore -f indexer -k username
+      # echo '<WAZUH_INDEXER_PASSWORD>' | /var/ossec/bin/wazuh-keystore -f indexer -k password
+
+   If you have forgotten your Wazuh indexer password, refer to the :doc:`password management guide </user-manual/user-administration/password-management>` to reset it.
+
+#. Run the command below to verify the connection to the Wazuh indexer using the curl command from the Wazuh server. Enter the Wazuh indexer password when prompted:
+
+   .. code-block:: console
+
+      # curl --cacert <ROOT_CA> --cert <CERTIFICATE_PEM> --key <CERTIFICATE_KEY> -u <WAZUH_INDEXER_USER> -XGET https://<INDEXER_IP_ADDRESS>:9200/_cluster/health
+
+   Where:
+
+   -  ``<ROOT_CA>``, ``<CERTIFICATE_PEM>``, ``<CERTIFICATE_KEY>``: Certificate paths.
+   -  ``<WAZUH_INDEXER_USER>``: Admin username of the Wazuh indexer.
+   -  ``<INDEXER_IP_ADDRESS>``: IP address of the Wazuh indexer.
+
+   If this command fails, the vulnerability detector module won't be able to connect to the Wazuh indexer.
+
+   To check if the issue is related to certificates, bypass certificate verification using the ``-k`` option. Enter the Wazuh indexer password when prompted:
+
+   .. code-block:: console
+
+      # curl -k -u <WAZUH_INDEXER_USERNAME> -XGET https://<INDEXER_IP_ADDRESS>:9200/_cluster/health
+
+   A successful connection returns a result similar to the following:
+
+   .. code-block:: json
+
+      {
+          "cluster_name": "opensearch",
+          "status": "green",
+          "timed_out": false,
+          "number_of_nodes": 1,
+          "number_of_data_nodes": 1,
+          "discovered_master": true,
+          "discovered_cluster_manager": true,
+          "active_primary_shards": 9,
+          "active_shards": 9,
+          "relocating_shards": 0,
+          "initializing_shards": 0,
+          "unassigned_shards": 0,
+          "delayed_unassigned_shards": 0,
+          "number_of_pending_tasks": 0,
+          "number_of_in_flight_fetch": 0,
+          "task_max_waiting_in_queue_millis": 0,
+          "active_shards_percent_as_number": 100.0
+      }
+
+#. Restart the Wazuh manager to apply the configuration:
+
+   .. code-block:: console
+
+      # sudo systemctl restart wazuh-manager
+
 .. note::
 
    To enable vulnerability detection on the Wazuh manager, modify the ``internal_options.conf`` file at ``/var/ossec/etc/internal_options.conf``. Set the parameter ``vulnerability-detection.disable_scan_manager`` from ``1`` to ``0``. This change allows the Vulnerability Detection module to include the Wazuh manager host in its scans. After updating the configuration, restart the Wazuh manager to ensure the changes take effect.
 
@@ -21,5 +21,4 @@ The Wazuh agent collects a list of installed applications (software inventory da
       :maxdepth: 2
 
       how-it-works
-      configuring-scans
-      troubleshooting
+      configuring-scans