On Fri, May 12, 2017 at 4:40 AM, AntonH <
an...@inkcreations.com> wrote:
> Hello,
>
> I'm using Wazuh and I don't know how to map TargetUserName to an indexed
> field.
> Security events are generated but the associated username is not mapped so
> there is no way to search for or display the culprit.
>
> The field marked yellow is not mapped or indexed.
>
>
> Corresponding xml event from eventvwr
>
>
> I'm using the ossec-agent to transport logs to Wazuh v2.0
>
>
> I hope someone can help me.
>
It might be better to ask Wazuh about their project.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
ossec-list+...@googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.