Wazuh | Mailing List

Hi Bayu Sangkaya, Your children decoders should use the same name. For example, I have changed the

Hi Ubuntu 24.04 ands wazuh 4.12.0-1 At my dashboard this rule is marked as failed. my rule: # cat /

Hy Hashita after removing 755 and restarting rule is ok now. thanks I open a ticket at git hub 😁 Em

Dear Team, I want to achieve a specific log format that makes it easier to run queries. Since we have

Hi Team, wazuh agent is not getting installed in my endpoint, this was installed before (6 months)

Hi Bony, Thanks for your earlier guidance — it helped a lot. I've confirmed that FortiGate logs

Hi Amin. Your proposed architecture sounds right for your environment. Running Wazuh on Kubernetes

Hello Romain , This is not an standard way to do it , but what i really suggest you maybe it would be

Additionally, if the indexes are being deleted manually from the dashboard, it would be advisable to

Hello Bilal, This is possible with the use of wazuh FIM with the aid of syscheck. When you have a

Hi Stuti Its an all in one environment , version 4.11.2 Output of the cluster health ----------------

Hi, most likely the poor performance is due to the users and groups issue. I'm going to set up an

Hello Felix, Based on my test, you should not get so many warnings and so much information from the

Hello, One way to do this is if you have a specific field in the alert that is commong to all or some

Hello Nazmur, I made the suggested changes and ran the indicated commands, these are the results of

Hi team, I have to integrate azure load balancer logs into wazuh for monitoring. I have to monitor

Thank you, Benjamin. I would like to close the ticket. On Wednesday, September 3, 2025 at 4:00:40 PM

Based on my findings at this moment, it is not possible to write sibling decoders for the Windows

Hi, Wazuh generates several internal log files, including alerts.log, archives.log, alerts.json, and

Hi, That configuration is performed in Suricata. Wazuh is now configured to receive the logs you

still the same issue I deployed the new wazuh instance but the issue remanis same Connected 50+

Mira que en la documentación que me mandas del quick start indica que se necesitan al menos 8 GB de

Did you have any luck with this? Were you able to install the agent? On Thursday, August 28, 2025 at

Hello Leonardo, Could you please share the complete alert, ensuring that any sensitive information is

Hello Lucas, I don't think that the issue is the bucket name, but try it if you can. Can you

Hello, If I understand you clearly, you mean the logs are not decoded properly. I feel the way you

Good afternoon! The problem is solved. I did not specify the parameters correctly when running the

Hello, There is no option to configure a "Close" in the Index Lifecycle Management. But

How can I avoid that the user login? I mean, How is the configuration to check only if the user is

Hi, Can you please share what exact you did to resolve above issue. On Thursday, June 5, 2025 at 3:41