diff --git a/CHANGELOG.md b/CHANGELOG.md
index f07b16de9b..0cc434fb6f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -44,6 +44,7 @@ Release report: TBD
 
 ### Changed
 
+- Improve `test_assign_groups_guess` ([#3901](https://github.com/wazuh/wazuh-qa/pull/3901)) \- (Tests)
 - Update `test_cluster_worker_logs_order` test ([#3896](https://github.com/wazuh/wazuh-qa/pull/3896)) \- (Tests)
 - Fix `test_agent_groups` ([#3889](https://github.com/wazuh/wazuh-qa/pull/3889)) \- (Tests + Framework)
 - Increase NVE download feed test timeout([#3769](https://github.com/wazuh/wazuh-qa/pull/3769)) \- (Tests)
diff --git a/tests/system/provisioning/enrollment_cluster/playbook.yml b/tests/system/provisioning/enrollment_cluster/playbook.yml
index 4ed9c9bd28..285aa3de3d 100644
--- a/tests/system/provisioning/enrollment_cluster/playbook.yml
+++ b/tests/system/provisioning/enrollment_cluster/playbook.yml
@@ -1,8 +1,7 @@
----
 - name: Create our container (Master)
   hosts: localhost
   vars_files:
-    - ./vars/configurations.yml
+    - ./vars/configurations.yaml
   tasks:
     - name: Create a network
       docker_network:
@@ -17,7 +16,7 @@
 - name: Create our container (Worker1)
   hosts: localhost
   vars_files:
-    - ./vars/configurations.yml
+    - ./vars/configurations.yaml
   tasks:
     - docker_container:
         name: "{{ worker1_hostname }}"
@@ -29,7 +28,7 @@
 - name: Create our container (Worker2)
   hosts: localhost
   vars_files:
-    - ./vars/configurations.yml
+    - ./vars/configurations.yaml
   tasks:
     - docker_container:
         name: "{{ worker2_hostname }}"
@@ -41,7 +40,7 @@
 - name: Create our container (Agent1)
   hosts: localhost
   vars_files:
-    - ./vars/configurations.yml
+    - ./vars/configurations.yaml
   tasks:
     - docker_container:
         name: "{{ agent1_hostname }}"
@@ -53,29 +52,29 @@
 - name: Wazuh Master
   hosts: wazuh-master
   vars:
-    master_hostname: "wazuh-master"
+    master_hostname: wazuh-master
   vars_files:
-    - ./vars/configurations.yml
+    - ./vars/configurations.yaml
   roles:
-    - name: "roles/master-role"
+    - name: roles/master-role
 
 - name: Wazuh Worker1
   hosts: wazuh-worker1
   vars:
     worker_name: wazuh-worker1
   vars_files:
-    - ./vars/configurations.yml
+    - ./vars/configurations.yaml
   roles:
-    - name: "roles/worker-role"
+    - name: roles/worker-role
 
 - name: Wazuh Worker2
   hosts: wazuh-worker2
   vars:
     worker_name: wazuh-worker2
   vars_files:
-    - ./vars/configurations.yml
+    - ./vars/configurations.yaml
   roles:
-    - name: "roles/worker-role"
+    - name: roles/worker-role
 
 - name: Wazuh Agent1
   hosts: wazuh-agent1
@@ -83,6 +82,6 @@
     manager_hostname: wazuh-master
     agent_hostname: "{{ agent1_hostname }}"
   vars_files:
-    - ./vars/configurations.yml
+    - ./vars/configurations.yaml
   roles:
-    - name: "roles/agent-role"
+    - name: roles/agent-role
diff --git a/tests/system/provisioning/enrollment_cluster/roles/agent-role/tasks/main.yml b/tests/system/provisioning/enrollment_cluster/roles/agent-role/tasks/main.yaml
similarity index 57%
rename from tests/system/provisioning/enrollment_cluster/roles/agent-role/tasks/main.yml
rename to tests/system/provisioning/enrollment_cluster/roles/agent-role/tasks/main.yaml
index 06cea850a2..a10142aeab 100644
--- a/tests/system/provisioning/enrollment_cluster/roles/agent-role/tasks/main.yml
+++ b/tests/system/provisioning/enrollment_cluster/roles/agent-role/tasks/main.yaml
@@ -1,9 +1,8 @@
----
-- name: "Check and update debian repositories"
+- name: Check and update debian repositories
   shell:
     cmd: apt-get update --allow-releaseinfo-change
 
-- name: "Installing dependencies using apt"
+- name: Installing dependencies using apt
   apt:
     pkg:
       - git
@@ -18,14 +17,14 @@
       - libtool
       - python3-pytest
       - libssl-dev
-    force_apt_get: yes
+    force_apt_get: true
     state: present
-    update_cache: yes
+    update_cache: true
     cache_valid_time: 3600
 
-- name: "Clone wazuh repository"
+- name: Clone wazuh repository
   git:
-    repo: "https://github.com/wazuh/wazuh"
+    repo: https://github.com/wazuh/wazuh
     dest: /wazuh
     version: "{{ wazuh_branch }}"
 
@@ -34,19 +33,19 @@
     chdir: /wazuh
     creates: /var/ossec
   environment:
-    USER_LANGUAGE: "en"
-    USER_NO_STOP: "y"
-    USER_INSTALL_TYPE: "agent"
-    USER_DIR: "/var/ossec"
-    USER_ENABLE_EMAIL: "n"
-    USER_ENABLE_SYSCHECK: "y"
-    USER_ENABLE_ROOTCHECK: "y"
-    USER_ENABLE_OPENSCAP: "y"
-    USER_WHITE_LIST: "n"
-    USER_ENABLE_SYSLOG: "y"
-    USER_ENABLE_AUTHD: "y"
-    USER_AUTO_START: "y"
-  shell: "./install.sh"
+    USER_LANGUAGE: en
+    USER_NO_STOP: y
+    USER_INSTALL_TYPE: agent
+    USER_DIR: /var/ossec
+    USER_ENABLE_EMAIL: n
+    USER_ENABLE_SYSCHECK: y
+    USER_ENABLE_ROOTCHECK: y
+    USER_ENABLE_OPENSCAP: y
+    USER_WHITE_LIST: n
+    USER_ENABLE_SYSLOG: y
+    USER_ENABLE_AUTHD: y
+    USER_AUTO_START: y
+  shell: ./install.sh
 
 - name: Copy ossec.conf file
   copy:
@@ -64,9 +63,9 @@
 - name: Set Wazuh Manager IP
   lineinfile:
     path: /var/ossec/etc/ossec.conf
-    regexp: '<address>(.*)</address>'
-    line: "<address>{{ worker1_hostname }}</address>"
-    backrefs: yes
+    regexp: <address>(.*)</address>
+    line: <address>{{ worker1_hostname }}</address>
+    backrefs: true
 
 - name: enable agentd debug mode
   blockinfile:
diff --git a/tests/system/provisioning/enrollment_cluster/roles/master-role/tasks/main.yml b/tests/system/provisioning/enrollment_cluster/roles/master-role/tasks/main.yaml
similarity index 63%
rename from tests/system/provisioning/enrollment_cluster/roles/master-role/tasks/main.yml
rename to tests/system/provisioning/enrollment_cluster/roles/master-role/tasks/main.yaml
index 1d291790ab..b1923a9654 100644
--- a/tests/system/provisioning/enrollment_cluster/roles/master-role/tasks/main.yml
+++ b/tests/system/provisioning/enrollment_cluster/roles/master-role/tasks/main.yaml
@@ -1,9 +1,8 @@
----
-- name: "Check and update debian repositories"
+- name: Check and update debian repositories
   shell:
     cmd: apt-get update --allow-releaseinfo-change
 
-- name: "Installing dependencies using apt"
+- name: Installing dependencies using apt
   apt:
     pkg:
       - git
@@ -17,14 +16,14 @@
       - autoconf
       - libtool
       - libssl-dev
-    force_apt_get: yes
+    force_apt_get: true
     state: present
-    update_cache: yes
+    update_cache: true
     cache_valid_time: 3600
 
-- name: "Clone wazuh repository"
+- name: Clone wazuh repository
   git:
-    repo: "https://github.com/wazuh/wazuh"
+    repo: https://github.com/wazuh/wazuh
     dest: /wazuh
     version: "{{ wazuh_branch }}"
 
@@ -33,20 +32,20 @@
     chdir: /wazuh
     creates: /var/ossec
   environment:
-    USER_LANGUAGE: "en"
-    USER_NO_STOP: "y"
-    USER_INSTALL_TYPE: "server"
-    USER_DIR: "/var/ossec"
-    USER_ENABLE_EMAIL: "n"
-    USER_ENABLE_SYSCHECK: "n"
-    USER_ENABLE_ROOTCHECK: "n"
-    USER_ENABLE_OPENSCAP: "n"
-    USER_WHITE_LIST: "n"
-    USER_ENABLE_SYSLOG: "y"
-    USER_ENABLE_AUTHD: "y"
-    USER_AUTO_START: "y"
-    USER_UPDATE: "n"
-  shell: "./install.sh"
+    USER_LANGUAGE: en
+    USER_NO_STOP: y
+    USER_INSTALL_TYPE: server
+    USER_DIR: /var/ossec
+    USER_ENABLE_EMAIL: n
+    USER_ENABLE_SYSCHECK: n
+    USER_ENABLE_ROOTCHECK: n
+    USER_ENABLE_OPENSCAP: n
+    USER_WHITE_LIST: n
+    USER_ENABLE_SYSLOG: y
+    USER_ENABLE_AUTHD: y
+    USER_AUTO_START: y
+    USER_UPDATE: n
+  shell: ./install.sh
 
 - name: Copy ossec.conf file
   copy:
@@ -59,16 +58,16 @@
 - name: Set cluster key
   lineinfile:
     path: /var/ossec/etc/ossec.conf
-    regexp: '<key>(KEY)</key>'
-    line: "<key>{{ cluster_key }}</key>"
-    backrefs: yes
+    regexp: <key>(KEY)</key>
+    line: <key>{{ cluster_key }}</key>
+    backrefs: true
 
 - name: Set Wazuh Master IP
   lineinfile:
     path: /var/ossec/etc/ossec.conf
-    regexp: '<node>(.*)</node>'
-    line: "<node>{{ master_hostname }}</node>"
-    backrefs: yes
+    regexp: <node>(.*)</node>
+    line: <node>{{ master_hostname }}</node>
+    backrefs: true
 
 - name: Stop Wazuh
   command: /var/ossec/bin/wazuh-control stop
@@ -84,6 +83,7 @@
     block: |
       authd.debug=2
       wazuh_clusterd.debug=2
+      remoted.debug=2
 
 - name: Start Wazuh
   command: /var/ossec/bin/wazuh-control restart
diff --git a/tests/system/provisioning/enrollment_cluster/roles/worker-role/tasks/main.yml b/tests/system/provisioning/enrollment_cluster/roles/worker-role/tasks/main.yaml
similarity index 58%
rename from tests/system/provisioning/enrollment_cluster/roles/worker-role/tasks/main.yml
rename to tests/system/provisioning/enrollment_cluster/roles/worker-role/tasks/main.yaml
index c892778165..d113224ed1 100644
--- a/tests/system/provisioning/enrollment_cluster/roles/worker-role/tasks/main.yml
+++ b/tests/system/provisioning/enrollment_cluster/roles/worker-role/tasks/main.yaml
@@ -1,9 +1,8 @@
----
-- name: "Check and update debian repositories"
+- name: Check and update debian repositories
   shell:
     cmd: apt-get update --allow-releaseinfo-change
 
-- name: "Installing dependencies using apt"
+- name: Installing dependencies using apt
   apt:
     pkg:
       - git
@@ -18,14 +17,14 @@
       - libtool
       - python3-pytest
       - libssl-dev
-    force_apt_get: yes
+    force_apt_get: true
     state: present
-    update_cache: yes
+    update_cache: true
     cache_valid_time: 3600
 
-- name: "Clone wazuh repository"
+- name: Clone wazuh repository
   git:
-    repo: "https://github.com/wazuh/wazuh"
+    repo: https://github.com/wazuh/wazuh
     dest: /wazuh
     version: "{{ wazuh_branch }}"
 
@@ -34,20 +33,20 @@
     chdir: /wazuh
     creates: /var/ossec
   environment:
-    USER_LANGUAGE: "en"
-    USER_NO_STOP: "y"
-    USER_INSTALL_TYPE: "server"
-    USER_DIR: "/var/ossec"
-    USER_ENABLE_EMAIL: "n"
-    USER_ENABLE_SYSCHECK: "y"
-    USER_ENABLE_ROOTCHECK: "y"
-    USER_ENABLE_OPENSCAP: "y"
-    USER_WHITE_LIST: "n"
-    USER_ENABLE_SYSLOG: "y"
-    USER_ENABLE_AUTHD: "y"
-    USER_AUTO_START: "y"
-    USER_UPDATE: "n"
-  shell: "./install.sh"
+    USER_LANGUAGE: en
+    USER_NO_STOP: y
+    USER_INSTALL_TYPE: server
+    USER_DIR: /var/ossec
+    USER_ENABLE_EMAIL: n
+    USER_ENABLE_SYSCHECK: y
+    USER_ENABLE_ROOTCHECK: y
+    USER_ENABLE_OPENSCAP: y
+    USER_WHITE_LIST: n
+    USER_ENABLE_SYSLOG: y
+    USER_ENABLE_AUTHD: y
+    USER_AUTO_START: y
+    USER_UPDATE: n
+  shell: ./install.sh
 
 - name: Copy ossec.conf file
   copy:
@@ -60,23 +59,23 @@
 - name: Set cluster key
   lineinfile:
     path: /var/ossec/etc/ossec.conf
-    regexp: '<key>(KEY)</key>'
-    line: "<key>{{ cluster_key }}</key>"
-    backrefs: yes
+    regexp: <key>(KEY)</key>
+    line: <key>{{ cluster_key }}</key>
+    backrefs: true
 
 - name: Set Wazuh Worker name
   lineinfile:
     path: /var/ossec/etc/ossec.conf
-    regexp: '<node_name>(.*)</node_name>'
-    line: "<node_name>{{ worker_name }}</node_name>"
-    backrefs: yes
+    regexp: <node_name>(.*)</node_name>
+    line: <node_name>{{ worker_name }}</node_name>
+    backrefs: true
 
 - name: Set Wazuh Worker IP
   lineinfile:
     path: /var/ossec/etc/ossec.conf
-    regexp: '<node>(.*)</node>'
-    line: "<node>{{ master_hostname }}</node>"
-    backrefs: yes
+    regexp: <node>(.*)</node>
+    line: <node>{{ master_hostname }}</node>
+    backrefs: true
 
 - name: enable authd and clusterd debug mode
   blockinfile:
@@ -84,6 +83,7 @@
     block: |
       authd.debug=2
       wazuh_clusterd.debug=2
+      remoted.debug=2
 
 - name: Restart Wazuh
   command: /var/ossec/bin/wazuh-control restart
diff --git a/tests/system/provisioning/enrollment_cluster/vars/configurations.yaml b/tests/system/provisioning/enrollment_cluster/vars/configurations.yaml
new file mode 100644
index 0000000000..24adc28c61
--- /dev/null
+++ b/tests/system/provisioning/enrollment_cluster/vars/configurations.yaml
@@ -0,0 +1,12 @@
+cluster_key: "00000000000000000000000000000000"
+
+master_hostname: wazuh-master
+
+worker1_hostname: wazuh-worker1
+worker2_hostname: wazuh-worker2
+
+agent1_hostname: wazuh-agent1
+
+docker_network: cluster_net
+
+image: dontpanicat/debian:buster
diff --git a/tests/system/provisioning/enrollment_cluster/vars/configurations.yml b/tests/system/provisioning/enrollment_cluster/vars/configurations.yml
deleted file mode 100644
index c36af502f3..0000000000
--- a/tests/system/provisioning/enrollment_cluster/vars/configurations.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-cluster_key: "00000000000000000000000000000000"
-
-master_hostname: "wazuh-master"
-
-worker1_hostname: "wazuh-worker1"
-worker2_hostname: "wazuh-worker2"
-
-agent1_hostname: "wazuh-agent1"
-
-docker_network: "cluster_net"
-
-image: "dontpanicat/debian:buster"
diff --git a/tests/system/provisioning/enrollment_cluster/vars/main.yaml b/tests/system/provisioning/enrollment_cluster/vars/main.yaml
new file mode 100644
index 0000000000..d55674a99b
--- /dev/null
+++ b/tests/system/provisioning/enrollment_cluster/vars/main.yaml
@@ -0,0 +1 @@
+include_vars: configurations.yaml
diff --git a/tests/system/provisioning/enrollment_cluster/vars/main.yml b/tests/system/provisioning/enrollment_cluster/vars/main.yml
deleted file mode 100644
index a0bc7d5fd3..0000000000
--- a/tests/system/provisioning/enrollment_cluster/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-include_vars: "configurations.yml"
\ No newline at end of file
diff --git a/tests/system/test_cluster/test_agent_groups/data/guess_group_messages_master.yaml b/tests/system/test_cluster/test_agent_groups/data/guess_group_messages_master.yaml
new file mode 100644
index 0000000000..d7a718a22b
--- /dev/null
+++ b/tests/system/test_cluster/test_agent_groups/data/guess_group_messages_master.yaml
@@ -0,0 +1,10 @@
+wazuh-master:
+  - regex: .*Agent 'AGENT_ID' with file 'merged.mg' MD5 .*
+    path: var/ossec/logs/ossec.log
+    timeout: 30
+  - regex: ".*Group assigned: 'GROUP_ID'"
+    path: /var/ossec/logs/ossec.log
+    timeout: 10
+  - regex: .*Agent 'AGENT_ID' group is 'GROUP_ID'
+    path: /var/ossec/logs/ossec.log
+    timeout: 10
diff --git a/tests/system/test_cluster/test_agent_groups/data/guess_group_messages_worker.yaml b/tests/system/test_cluster/test_agent_groups/data/guess_group_messages_worker.yaml
new file mode 100644
index 0000000000..096bb776d1
--- /dev/null
+++ b/tests/system/test_cluster/test_agent_groups/data/guess_group_messages_worker.yaml
@@ -0,0 +1,18 @@
+wazuh-worker1:
+  - regex: ".*Sending message to master node: '{\"daemon_name\":\"remoted\",\"message\":{\"command\":\"assigngroup\",\
+            \"parameters\":{\"agent\":\"AGENT_ID\",\"md5\":.*"
+    path: /var/ossec/logs/ossec.log
+    timeout: 30
+  - regex: ".*Message received from master node: '{\"error\":0,\"message\":\"ok\",\"data\":{\"group\":\"GROUP_ID\"}}'"
+    path: /var/ossec/logs/ossec.log
+    timeout: 10
+  - regex: .*Agent 'AGENT_ID' group is 'GROUP_ID'
+    path: /var/ossec/logs/ossec.log
+    timeout: 10
+wazuh-master:
+  - regex: .*Agent 'AGENT_ID' with file 'merged.mg' MD5 .*
+    path: /var/ossec/logs/ossec.log
+    timeout: 30
+  - regex: ".*Group assigned: 'GROUP_ID'"
+    path: /var/ossec/logs/ossec.log
+    timeout: 10
diff --git a/tests/system/test_cluster/test_agent_groups/test_assign_groups_guess.py b/tests/system/test_cluster/test_agent_groups/test_assign_groups_guess.py
index 8f106cbe7b..027aa8eb63 100644
--- a/tests/system/test_cluster/test_agent_groups/test_assign_groups_guess.py
+++ b/tests/system/test_cluster/test_agent_groups/test_assign_groups_guess.py
@@ -49,6 +49,8 @@
                     check_keys_file, delete_group_of_agents, remove_cluster_agents,
                     assign_agent_to_new_group, restart_cluster)
 from wazuh_testing.tools.system import HostManager
+from wazuh_testing.tools.file import replace_regex_in_file
+from wazuh_testing.tools.monitoring import HostMonitor
 from wazuh_testing.tools import WAZUH_PATH
 
 
@@ -59,6 +61,9 @@
 
 inventory_path = os.path.join(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))),
                               'provisioning', 'enrollment_cluster', 'inventory.yml')
+data_path = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'data')
+master_messages_path = os.path.join(data_path, 'guess_group_messages_master.yaml')
+worker_messages_path = os.path.join(data_path, 'guess_group_messages_worker.yaml')
 host_manager = HostManager(inventory_path)
 local_path = os.path.dirname(os.path.abspath(__file__))
 tmp_path = os.path.join(local_path, 'tmp')
@@ -67,7 +72,7 @@
 # Variables
 remoted_guess_agent_groups = 'remoted.guess_agent_group='
 # this timeout is temporality, this test will be update
-timeout = 60
+timeout = 20
 
 
 # Tests
@@ -88,15 +93,6 @@ def test_assign_agent_to_a_group(agent_target, status_guess_agent_group, clean_e
         - clean_enviroment:
             type: Fixture
             brief: Reset the wazuh log files at the start of the test. Remove all registered agents from master.
-        - test_infra_managers
-            type: List
-            brief: List of manager hosts in enviroment.
-        - test_infra_agents
-            type: List
-            brief: List of agent hosts in enviroment.
-        - host_manager
-            type: HostManager object
-            brief: Handles connection the enviroment's hosts.
     assertions:
         - Verify that after registering the agent key file exists in all nodes.
         - Verify that after registering the agent appears as never_connected in all nodes.
@@ -152,10 +148,18 @@ def test_assign_agent_to_a_group(agent_target, status_guess_agent_group, clean_e
         time.sleep(timeout)
 
         # Check if remoted.guess_agent_group is disabled
-        if(int(status_guess_agent_group) == 0):
-            group_id = 'default'
+        group_id = 'default' if int(status_guess_agent_group) == 0 else group_id
+
+        # Run the callback checks for the ossec.log
+        messages_path = master_messages_path if agent_target == 'wazuh-master' else worker_messages_path
+
+        replace_regex_in_file(['AGENT_ID', 'GROUP_ID'], [agent_id, group_id], messages_path)
+        HostMonitor(inventory_path=inventory_path,
+                    messages_path=messages_path,
+                    tmp_path=tmp_path).run(update_position=True)
         check_agent_groups(agent_id, group_id, test_infra_managers, host_manager)
 
     finally:
         # Delete group of agent
         delete_group_of_agents(test_infra_managers[0], group_id, host_manager)
+        replace_regex_in_file([agent_id, group_id], ['AGENT_ID', 'GROUP_ID'], messages_path)