Groups
Conversations
All groups and messages
Send feedback to Google
Help
Training
Sign in
Groups
ossec-list
Conversations
About
Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
ossec-list
Contact owners and managers
1–30 of 6996
Mark all as read
Report group
0 selected
BJ Taylor
,
dan (ddp)
3
12/11/24
Rules not firing because no decoders match
If you can't fix the timestamp being used you'll probably have to modify the source code to
unread,
Rules not firing because no decoders match
If you can't fix the timestamp being used you'll probably have to modify the source code to
12/11/24
Veliyappan D
10/26/24
reagrding filebeat
Hi I need to get a filebeat logs in wazuh. Were i can get and how i can get wat need to do?
unread,
reagrding filebeat
Hi I need to get a filebeat logs in wazuh. Were i can get and how i can get wat need to do?
10/26/24
sparks....@gmail.com
10/14/24
agent.conf is doesnt work
Hello, I have a problem, I am trying to configure agent.conf but considering that the configuration
unread,
agent.conf is doesnt work
Hello, I have a problem, I am trying to configure agent.conf but considering that the configuration
10/14/24
den
,
dan (ddp)
2
9/9/24
Active response litterally doesn't work
I haven't looked at this stuff in a while, and I definitely haven't looked at the wazuh
unread,
Active response litterally doesn't work
I haven't looked at this stuff in a while, and I definitely haven't looked at the wazuh
9/9/24
conm...@gmail.com
, …
den
7
9/8/24
ACTIVE-RESPONSE NOT WORKING
Can you guide me how to turn on active response on my ossec, mine is not even working even I added
unread,
ACTIVE-RESPONSE NOT WORKING
Can you guide me how to turn on active response on my ossec, mine is not even working even I added
9/8/24
Tam Pham
8/15/24
newby question: FIM support and licensing the manager
We are thinking of installing OSSEC+ versus OSSEC Atomic for file integrity monitoring (FIM) My
unread,
newby question: FIM support and licensing the manager
We are thinking of installing OSSEC+ versus OSSEC Atomic for file integrity monitoring (FIM) My
8/15/24
Eric Hankins
, …
Joël Stienlet
8
2/25/24
ossec and system updates: forcing immediate syscheck
Hello Mike, Sorry for digging this up, but a search on google lead me to this discussion. Is there
unread,
ossec and system updates: forcing immediate syscheck
Hello Mike, Sorry for digging this up, but a search on google lead me to this discussion. Is there
2/25/24
Satwika sree
,
dan (ddp)
2
12/8/23
Custom logo for each agent group
Ossec doesn't show any logos. What application are you seeing logos in? On Fri, Dec 8, 2023 at 9:
unread,
Custom logo for each agent group
Ossec doesn't show any logos. What application are you seeing logos in? On Fri, Dec 8, 2023 at 9:
12/8/23
Dosimbek Umarov
11/26/23
HIDs agent syslog(/var/log/mysql/mysql.log) alerts not showing in analysis/security_events but is showing in environment/detection/hids Alerts Log. How can I did that so hids alerts showing in security_events.
**Phase 1: Completed pre-decoding. full event: '023 Nov 26 16:10:49 (bd-2) 192.168.110.3->/var
unread,
HIDs agent syslog(/var/log/mysql/mysql.log) alerts not showing in analysis/security_events but is showing in environment/detection/hids Alerts Log. How can I did that so hids alerts showing in security_events.
**Phase 1: Completed pre-decoding. full event: '023 Nov 26 16:10:49 (bd-2) 192.168.110.3->/var
11/26/23
Secure moi
2
8/21/23
Only Getting Rule 18107 alerts
PS change in apporach....how about a really simple example of a custom rule and decoder for server
unread,
Only Getting Rule 18107 alerts
PS change in apporach....how about a really simple example of a custom rule and decoder for server
8/21/23
Thavorn Vann
6/16/23
Agents 3.7 Windows 10 never connected
Hi, I'm trying to connect from agent to server but it show error below: 2023/06/16 11:29:33 ossec
unread,
Agents 3.7 Windows 10 never connected
Hi, I'm trying to connect from agent to server but it show error below: 2023/06/16 11:29:33 ossec
6/16/23
hiwot
6/6/23
how to solve this problem dears?
Siem v4.4.3 (Rev. 40409) Installation Script - https://www.siem.com You are about to start the
unread,
how to solve this problem dears?
Siem v4.4.3 (Rev. 40409) Installation Script - https://www.siem.com You are about to start the
6/6/23
Jeff Chimene
5/3/23
Wordpress
I'm trying to improve ossec WordPress rules. I'd like to start a list of generic WordPress
unread,
Wordpress
I'm trying to improve ossec WordPress rules. I'd like to start a list of generic WordPress
5/3/23
Lãm Ngô
2
4/7/23
hi all
Vào lúc 17:25:32 UTC+7 ngày Thứ Sáu, 7 tháng 4, 2023, Lãm Ngô đã viết: i can't login to gmail
unread,
hi all
Vào lúc 17:25:32 UTC+7 ngày Thứ Sáu, 7 tháng 4, 2023, Lãm Ngô đã viết: i can't login to gmail
4/7/23
Nidhi Soni
,
victor....@wazuh.com
3
3/30/23
Detection for hidden ports
Hi, I have installed reptile rootkit and did the required configurations as given in wazuh blog:
unread,
Detection for hidden ports
Hi, I have installed reptile rootkit and did the required configurations as given in wazuh blog:
3/30/23
Michael Starling
3/28/23
Rule 554 firing instead of rule 500
Hello. I'm seeing a strange issue when running some tests on rule 550 "Integrity checksum
unread,
Rule 554 firing instead of rule 500
Hello. I'm seeing a strange issue when running some tests on rule 550 "Integrity checksum
3/28/23
Secure moi
2
1/13/23
Filter alerts by ID and Date
Still struggling with this....and am guessing the documentation is out there to solve it but... Q is
unread,
Filter alerts by ID and Date
Still struggling with this....and am guessing the documentation is out there to solve it but... Q is
1/13/23
Alex
10/17/22
Alpine Linux installaton without systemd
I want to install Ossec Server on Alpine Linux following the instructions on the homepage for the
unread,
Alpine Linux installaton without systemd
I want to install Ossec Server on Alpine Linux following the instructions on the homepage for the
10/17/22
Peter P
10/13/22
Agents 3.6 Centos 7 never connected
Hi, I'm trying to troubleshoot not connecting OSSEC agents 3.6 running on Centos 7, with a Server
unread,
Agents 3.6 Centos 7 never connected
Hi, I'm trying to troubleshoot not connecting OSSEC agents 3.6 running on Centos 7, with a Server
10/13/22
Bhaskar Patel
10/9/22
want to enable 2fector on the wazuh-indexer console
"I need to enable 2fector on the wazuh-indexer console is it possible? Does anyone have an idea
unread,
want to enable 2fector on the wazuh-indexer console
"I need to enable 2fector on the wazuh-indexer console is it possible? Does anyone have an idea
10/9/22
Michael Gaffney
10/6/22
Agents will not Connect to server
Hello, I am having trouble getting my agents to talk to the server. I keep getting the following
unread,
Agents will not Connect to server
Hello, I am having trouble getting my agents to talk to the server. I keep getting the following
10/6/22
Kristian Kirilov
,
victor....@wazuh.com
2
10/3/22
Is there a way to use nodiff with folders?
Hello kristian, The nodiff the option is aimed to avoid data leaking by sending the content of
unread,
Is there a way to use nodiff with folders?
Hello kristian, The nodiff the option is aimed to avoid data leaking by sending the content of
10/3/22
sparks....@gmail.com
8/2/22
Agentless Suspend alerts during system updates
Hello good day, to ask for your help. I have version 3.7 of OSSEC installed where I only work with
unread,
Agentless Suspend alerts during system updates
Hello good day, to ask for your help. I have version 3.7 of OSSEC installed where I only work with
8/2/22
ABHISHEKH LADE
,
Daniel Cid
2
7/30/22
ossec 3.6 configration
What errors are you getting when you try to install? If you can give more details, maybe we will be
unread,
ossec 3.6 configration
What errors are you getting when you try to install? If you can give more details, maybe we will be
7/30/22
M Asif
,
dan (ddp)
2
7/15/22
Install ossec in windows as standalone (local mode)
That's not supported. Windows is an agent only platform. On Tue, Jul 12, 2022 at 1:34 PM M Asif
unread,
Install ossec in windows as standalone (local mode)
That's not supported. Windows is an agent only platform. On Tue, Jul 12, 2022 at 1:34 PM M Asif
7/15/22
tater bug
6/27/22
When unexpected happens. After try many fixes multiple times, then send an e-mail to one of our mailing lists with the following information:
root-laptop:/var/ossec/logs# /var/ossec/bin# cat /etc/ossec-init.conf -bash: /var/ossec/bin#: No such
unread,
When unexpected happens. After try many fixes multiple times, then send an e-mail to one of our mailing lists with the following information:
root-laptop:/var/ossec/logs# /var/ossec/bin# cat /etc/ossec-init.conf -bash: /var/ossec/bin#: No such
6/27/22
Annie s
, …
Paterson Lali
8
6/10/22
windows AR not working
Hi, I was able to generate wrong password events after editing the audit policies of windows. log all
unread,
windows AR not working
Hi, I was able to generate wrong password events after editing the audit policies of windows. log all
6/10/22
JP H
,
Alejandro Ruiz Gonzalez
3
5/5/22
Report limit on specific servers
Thank you, I was able to figure out what I needed based on the information in that link. J On
unread,
Report limit on specific servers
Thank you, I was able to figure out what I needed based on the information in that link. J On
5/5/22
Miguel Jacq
,
Yana Zaeva
6
3/23/22
Issues getting web rules to detect an Nginx log when it's come in via syslog
Sorry to resurrect an old thread, but I finally got my local decoders to work with Nginx logs when
unread,
Issues getting web rules to detect an Nginx log when it's come in via syslog
Sorry to resurrect an old thread, but I finally got my local decoders to work with Nginx logs when
3/23/22
Vũ Đạt
3/19/22
Re: [ossec-list] Agent cannot conect to failover server
what ? Vào Th 3, 15 thg 3, 2022 vào lúc 01:42 '(K14 HCM), Nguyen Hoang Phu' via ossec-list
unread,
Re: [ossec-list] Agent cannot conect to failover server
what ? Vào Th 3, 15 thg 3, 2022 vào lúc 01:42 '(K14 HCM), Nguyen Hoang Phu' via ossec-list
3/19/22