Wazuh | Mailing List

Hello, Can you please share with me the origin of the code? Looking forward to your comments On

Hi Sorry for late response. 1. bash-5.2# cat /var/ossec/var/run/wazuh-analysisd.state | grep _dropped

Hello Everyone I had no problems with Wazuh until a few weeks ago, but now the alerts that should

Hello Albert, The debug logs in your ossec.log file seems to be okay. I can see that it's able to

Manuel, thank you very much for your response and sorry for my delay. I insist, how can I know if an

Hi Javier, I will take into consideration your suggestion about the Average aggregation but for now

Hi. Can you give me more context, please? 1. What documentation are you following? 2. What is the

Hi! can you please pass me the following information? 1.- The output of this command: ls -l /var/

I am creating child rules for 600000, like this one: <rule id="600002" level="12

hello, Indeed, I was not looking at the right place ! The inventory number of critical

Hi Wazuh Community, I have been working on creating a custom decoder and rules for JSON logs. However

Hi ilian, I believe you already already Wazuh setup and you need to integrate logs without installing

Hi Henry: Did you see my previous comment? If you have any doubts or questions please do not hesitate

It looks like an unusual issue. I was unable to reproduce it. This issue was related to large-size

But I want like to downgrade (indexer, manager, filebeat, dashboard) mean anything related to the

Hi, I'm having this error on the wazuh agent wazuh-logcollector: WARNING: Target 'agent'

sqlite3 /var/ossec/queue/db/000.db works as expected. Here is the output for ls -lh /var/ossec/queue

Hi rene.v, I am glad that the issue was resolved. Regards, Hasitha Upekshitha On Thursday, November

considering the operating system среда, 20 ноября 2024 г. в 10:17:50 UTC+3, Nemo191 Nm: It is a pity

Hi Awwal, I wanted to follow up on the logs that I shared earlier. I would really appreciate some

Hi Anderson, I'm glad to hear that! Please let us know if you have any further doubts or concerns

Thank you! I will look into that. mandag 18. november 2024 kl. 15:26:21 UTC+1 skrev malena.casas@

Hi, I guess you pretend to use Cortex and the Wazuh responder to trigger an active response in the

We do not have any official documents on this If you want to be signed by their own Certification

Hi tsai, This is strange, It will trigger when the Wazuh agent is restarted regarding SSH login

Hello Mithun, To achieve your use case, you can use the sibling decoders. Sibling decoders are

Hi Team, It seems likely that this bucket was created in a different region, IE not us-west-2.

Hello Dmitry Mikheev, Apologies for my delayed response. Yes FIM field `file` should be used in your

Hi Daniel, The configuration is correct, you also need to add local_ip. local_ip: Local ip address to

Hello Todor, The plausible reason why you do not see any metric for CPU Utilization is because there