Wazuh | Mailing List

{ "error": "no handler found for uri [/_plugins/_alerting/alerts/_search] and method [

I have already completed this activity, but I was not successful. Em quinta-feira, 22 de janeiro de

Hello all, I have a safeguard log for which I need to create a wazuh decoder, but I only manage to

Hello Pablo, in the meantime i fixed the issue. It was a network problem, the docker container had

Hi! I've noticed that sometimes I don't receive a notification for a triggered alert, meaning

Hello, The issue you describe is caused by one of the followings: There are multiple versions of the

Thank you for your response. Similarly it does not work for me to make a single rule for each case,

Hello @Yazid Thank you for sharing the results, I'll run some tests on my end to validate the

Hi mariano, This is expected behavior. Wazuh creates daily alert indices (wazuh-alerts-4.x-YYYY.MM.DD

Hi Natalia, Thanks, this clarifies a lot and matches what I observed in practice. I appreciate the

Hi Stuti, this is the log {"schemaVersion": "1.21", "id": "WB-

I have modified the decoders to adapt them well. The decoders should look like this: ``` <decoder

Hello, John. Yes, OS language is English. Debug logs show empty result of the command: 2026/01/22 11:

Hi again, i was finally able to get my hands on a test environment for this issue. so now with the

Hi David, To help us confirm the behavior you're observing, could you please help us validate the

Hi, Wazuh can help detect phishing emails by correlating email-related events with threat

This can happen due to a connectivity issue or if the agent cannot properly communicate with the

Hi, Julián Morales! I change level and description in custom rule, save and reload. With "Mange

Hello! I updated wazuh to version 4.14.2 and encountered an issue when changing rules. When I change

Hello, After changing the frequency of the queries, from <interval>5m</interval> to <

Hi jacob As you mentioned earlier, you followed the https://documentation.wazuh.com/current/user-

Hi German You can follow https://wazuh.com/blog/recover-your-data-using-wazuh-alert-backups/ the same

The rule 101806 works fine as I sent it and no match is necessary. The following rules do not work

Hi, We'll need a little more information about the rule you're trying to create and how you

The timeout and cluster crashes you're experiencing with custom FIM rules in 4.13.1 could be

Hi David Regarding your question: "Do you have any tips on how to extract each TO field from

Hi Yogi, I've tested this rule and identified the problem. The regex type isn't defined in

Hi Hashita, Thanks for the info. Just to confirm, if I take a full VM snapshot of the Wazuh server,

Hi Banjamin, Thanks, That helps. Will try the same. Does this multiple wodle support on other wodles

Hi Marias, Okay that's enough for me, Thank you for your asisstance. Regards, Robby On Tuesday,