Wazuh | Mailing List

Hello, First of all, I would like to say hello to the entire community of Wazuh users and

I was analyzing it and found that the problem was that my proxy had this configuration: This error is

I need to configure log rotation so that when the alerts.json and alerts.log files reach a size of

Hello, I want to make them fully integrated by enabling all honeypots' log files to appear in

Yes changing the hostname of the linux works and Wazuh still works but I only see the events after

Hello Paul, Without knowing the status of the Indexer, it's quite difficult to pinpoint the exact

Hello Julian, I got your email, please let's try to always reply all so it keeps the community

Fixed by running (cluster's green now): sudo curl --insecure \ --cert /etc/wazuh-indexer/certs/

Hi, did you get to resolve it now? It seems to be because of this error - /tmp/opensearch-

Hey Max, In order to change passwords, you can simply use the passwords tool at: /usr/share/wazuh-

Hello Bitemir! The recommended way to enjoy 100% of Wazuh's capabilities is to install the agent

Hello David, sorry for the delay in my response. I was able to reproduce the scenario you mentioned;

Hello Michal, If you try adding the custom rule directly to the file and restart the manager, does

Hi CJK Your updated ILM policy looks correct, and because the structure is the same (only the

John, I updated the issue to include details both for windows and linux: https://github.com/wazuh/

Not exactly. You should develop a new React component like this example: https://github.com/wazuh/

Hi @Leonardo Ventura This behavior is intentional. The vulnerability.detected_at field is updated on

Hello, when I run this POST request, it works and the error disappears for 2 days because it changes

Hello, I think one of the main issues experienced in your rule is the fact that you used PCRE2 syntax

Hi Daniel, Wazuh keeps a checkpoint that should prevent events from being downloaded multiple times.

Guide used : https://github.com/wazuh/integrations/tree/main/integrations/misp However, this guide is

Hello, Thank you for the clarification and for pointing out the invalid configuration. I will make

Hi, Hi! Your message isn't entirely clear could you clarify whether you're having issues with

Hello Narasimha, You can use this document to review your configuration. Wazuh agent configuration If

Hi, Apologies for the late response. I have tested your decoder using the sample log you shared, and

Wazuh and Sysmon are two different products. You can have both installed without any issues. In fact,

Hi Johny, You are completely correct in your observation. The condition field (eg, "Package less

I still have the same error root@ubuntu-wazuh:/var/ossec/integrations# ls -l total 76 -rwxr-x--- 1

Thanks for sharing your thoughts, I totally understand your point. Having the manager deploy scripts

Hello devs, I believe you need to expand the scope of your current rule setup to correlate events for