Wazuh | Mailing List

Since you are performing this on a lab environment, you can opt for a fresh install of Wazuh 4.14.4

Hi, To answer your questions 1. Does vulnerability reporting depend on the OS rpm.db database? Yes,

Hi, I tested the log (full_log), and it matches the default Windows date format decoder. However, it

Hello, Fabio. Thank you for quick response. I'll enable debug on several agents and monitor the

Hi German, There's a field called data.vulnerability.package.condition that I think it gives you

Hi Manoj The error occurs because the dashboard file you are trying to import was created using a

Thank you for your help! I understand the difference now. I still fail to understand why such events

Hello Claudio, So I tested this further with the log and rules you shared, and it works as expected.

Hello German, Depends on the goal: 1. If you only need one enriched notification after the

Hello Rodrigo, Thank you for your response. I followed your suggestion and regenerated the dashboard

Hello Matías, Thank you very much for this, works perfectly. One more beer on me. Best regards, Vuk

Hi Sushant, I believe Manage Engine PAM logs can be forwarded through syslog. Please check this guide

Hello Hasitha. Thanks for your reply. It worked, I guess that was just a matter of Wazuh gathering

Thanks John for the reply. I will check the above mentioned steps and get back to you. On Wednesday,

I think this is completely possible. You can deploy any software on a VPS, or dedicated server as

Hi German, sorry for the late reply. That log error is definitely the smoking gun. It means the

The issue is likely your regex matching against a localized `sc query` output. The field label (`

Hi Emar, You could move the log storage using a bind mount. Here's an example of how to do it:

Hi, Thanks for the references! But from what I understand "Tenants" are contained

Hey folks, I'm seeing exactly this issue hundreds of times for various linux machines. All Ubuntu

Syscollector does not expose a internal command for user.groups and group.users. Users/groups

Hi Emar, It's important to note that archived events and alert rules are independent. Enabling

Glad to know the issue is resolved On Tuesday, March 17, 2026 at 8:28:19 PM UTC+5:30 Gabriel Diaz

Hi Franco Thanks for your prompt reply and help. I have got option 1 working and edited the default

The certificates have two problems: they're expired (Jan 30 2026) and their SAN only includes `

Hello, Thanks for sharing the informations. I'll apply the workaround. Br, Adrien Le mardi 17

Hi Emar, I am glad that the shared information helped. Let us know if you need further assistance, so

Hi Gerald, I am glad that your issue has been resolved! On Monday, March 16, 2026 at 12:38:42 PM UTC+

Hello, Apologies for the delayed response. I was away for a while. I can see from your Dev tools

He, I check over another agent and all it is working. therere are something over the test agent that