Wazuh | Mailing List

Wazuh Community, When issues occur on the server (eg high watermark) and logs stop being ingested,

Hi German, It takes the distro into consideration but not where it is installed. It's the same

I thought it would at least work if I left only one request enabled but no, it only works with

Hi, I followed the advice and excluded the official decoder 0455-pfsense_decoders.xml. I modified my

Hi Team, I have installed Wazuh around 1 months back and i never see Vulbernility events in dashboard

Hello Gerald, Your decoder will not be effective for all the logs you have shared. I also see a

Hi Glyn, Your permissions and database size are correct. However, we have recently found that given a

Thank you so much. I'll try it again and share the updated output. On Mon, Dec 22, 2025 at 9:10

Hi, I am glad to hear that the index recovery worked and the dashboard is fully operational again.

Thanks for the help, this helped a lot On Fri, 19 Dec 2025 at 17:20, 'ismail....@wazuh.com

Hi Robby, Yes, you are correct. I will create a GitHub issue regarding this. However, as a workaround

Okey now its fixed but I check the Server management --> Rules section where it keeps loading and

Hi G Mail First, please restart the Indexer to see if that resolves the error: systemctl restart

Hello Karlo, Thank you so much for spending the time to review my logs, and to provide a suggested

Hello, Nicolae Composite rules (those defined with a frequency and timeframe) are designed for

The high event volume (100M daily, 25M from agents) and the delays with your integrations, it's

I managed to make the system work according to this guide: https://github.com/wazuh/integrations/tree

Hi Seth, I have written some sample decoders based on your log. Add the new decoder to /var/ossec/etc

Hi, When an agent upgrade is initiated from the Wazuh Manager, the agent does not require direct

Hi Dirceu, Great, thanks for sharing those outputs. It looks like everything is good on the

I am getting this error too but it is in the MS Graph API Events page. Please advise. On Wednesday,

Hello Brenno, If I understand correctly, you want to build a third rule that after matching rule

Hello Reazul, Do you mean something similar to the attached screenshot? You can get this by

Can you please let me know how you have generated the certs? Have you generated the self-sign certs?

After in-depth research, there are a few options you can consider. The integration you're

Sorry for the late response, I was on holiday. We can see the old package in the vulnerability

Yes, offline migration is possible. You can take a backup by following Backup: https://documentation.

Hi, to verify the validity of the SSL certificate on port 1515, you should use command-line tools

Sorry for the late response, I was on holiday. I am glad that the IT Hygiene is working now. Are you

I cannot find any other custom rules other than the one I have already shared with the document. As I