Wazuh | Mailing List

Hi Felix, I need to see more files just to be sure your port 9200 is well configured. Can you share

Hi warhammerik, I have tested your decoder locally and the problem is the size of the string within

Hi, This is a known limitation as Wazuh runs integrations sequentially, not in parallel. So if MISP

Hello Dev, For a distributed instance, the Wazuh indexer users are meant to be changed on the wazuh

Hello Sow, So I ran a test on the log with the rule you shared, and there was a match. Please see

Hi, Index API error: ============== The error {"error":"no handler found for uri [/cat

Hello, Error 409, typically means conflict, it is an HTTP status code indicating that a request could

The Vulnerability Detection (VD) module generates alerts when new vulnerabilities are found or

Hi, I have tested this on my end and found that it is a common issue. As a workaround, you can follow

The data from the field data.win.eventdata.processName is a complete string, so it cannot be split.

Hi Alfian, For this, you can check this blog. https://wazuh.com/blog/enhancing-incident-response-with

Hi, Apologies for the late reply. Logs: Session started {"EventDetails": [{"OldValue

I've tested this setting for a few days now and it works. Usually <email_alert_level>12<

Yes, you can open a bug report by opening an issue in the GitHub repository. https://github.com/wazuh

Hi, Based on the log you shared, I have updated your decoder, and it's now working correctly.

Hi hrn.km.a...@gmail.com, Could you please share your issue in a new post so that we can assist

I have shared a resposne to your other post on this topic. Please check. https://groups.google.com/g/

Hi Alfian, The file /var/ossec/etc/rules/local_rules.xml. is for adding custom rules. Check this

I forgot the file. Here it is On Sunday, November 9, 2025 at 8:07:10 PM UTC+8 hasitha.upekshitha@

The indexer connector error indicates that the indexer connector responsible for the vulnerability

And I install it on VMware , on Ubuntu OS Vào lúc 19:43:49 UTC+7 ngày Thứ Tư, 5 tháng 11, 2025,

Hi Jorge, I wanted to know if there is any updates regarding this issue? On Saturday, August 23, 2025

Could you please open an issue on the Wazuh repository: https://github.com/wazuh/wazuh/issues The

Question: This is strange and shouldn't work like that. Could you confirm that you restarted your

Hi John, With the last results you sent, it is shown that the manager is getting data correctly from

Thank you for your response! It is really possible to limit events by one agent. But the user has the

Hello Prince, Not very skilled at scripting, but you can do something like the block below using Bash

Thanks for the heads up. I'm not quite familiar with this platform yet On Fri, Nov 7, 2025, 6:25

Hello, sorry for late reply, had other obligations. I tested this a bit more And If I set it the way

Hi Brenno, You are correct, the group name(or similar attributes DisplayName or MailNicknmae) is not