Wazuh | Mailing List

Forget to mention: Wazuh version 4.14.2 A quinta-feira, 12 de fevereiro de 2026 à(s) 14:52:44 UTC,

Hi, Could you specify how the upgrade was performed? This matters a lot taking into consideration the

Hi Peter, Yes, your understanding is correct, and this is expected behavior. When upgrading to 4.14.3

Hey, so I reviewed the reports. It DID work and stopped triggering 100+ events from the same host

Your current Docker-listener configuration is working correctly, as it only collects Docker engine

I am trying to understand how this system works. I did back up to all the high level directories. Are

Hi Jacob: Any update ? On Monday, February 9, 2026 at 3:12:23 PM UTC-6 Jorge Eduardo Silva Jackson

Hi Ivan, Thanks for sharing the config and logs. I will try to reproduce this behavior in my local

Hi Yazid, im not from wazuh, but I read your question carefully. Some , may stupid question, have you

Hi abhishek From what I can see, the decoder is failing to detect the regex you added in the log.

Let me restate the question. How is it in the Per Bucket monitor when the Bucket is triggered (it has

Okay just checked whether all error logs can be handled. Most did but I found some cases where the

Thank you Rodrigo. среда, 11 февраля 2026 г. в 15:34:30 UTC+3, rodrigo....@wazuh.com: So in

Hello, Following up on my previous message, I am still receiving alerts for the "promiscuous

Hi Himanshu, Actually I am getting alerts related to virustotal. So assume that the integration is

Hi Simon, The CVEs shown in Wazuh come from the vulnerability feeds it consumes—mainly the NVD (

The agent communicates to the server on specific port. The telemetry is done via 1514 and the 1515

Arsal, Yes, this is normal behavior with the current script, but it is probably NOT what you expect.

It depends largely on the storage architecture and the hardware you plan to use. In Kubernetes, Wazuh

Hi Brenno, It's strange that you have not changed the config and resolved the issue without any

Hello, I did some tests and found out that it is not going to be easy to get the information as you

Hi Bobby, If your indexer is down, you won't be able to run any curl commands from the Linux CLI

Hi Tengku Please check the template as it exists in the Wazuh indexer cluster state by using the

Hi Micah, The cause of the error is that the Wazuh dashboard is doing some operations, like

Hi Mohammad, Instead of adding a new custom rule, I suggest overwriting the existing rule to avoid

So I tried what you told me and it stops at phase 2 decoding part and only succeeds when I change the

Hello! Thanks a lot! понедельник, 9 февраля 2026 г. в 13:53:16 UTC+5, Md. Nazmur Sakib: Hi Bitemir,

Hi @perps This looks like a case where the syslog receiver is escaping non-printable bytes (control

Hey Cedrik, I implemented your suggested rule: <group name="vulnerability-adobe-tuning,"

Hi Emir, You can index old archive logs to your indexer and analyze them from the dashboard. For this