Wazuh mailing list

Hi ! After working around your script and configuration I found out a solution. ossec.conf: few

Hello YNWA To achieve this you must do the following (I will assume that you are using the latest

Hi Victor! Thanks for the answer. 2021/09/24 20:58:15 rootcheck[3764] common_rcl.c:323 at

Hi Daniel, I'm assuming that you are referring to these automatic reports that are detailed in

Good Morning, We recently had our Wazuh server die and had to rebuild it from scratch. We had a

Hi Carlos, I did try your rules and seems to work on my side. Just changed rules id to avoid

Hello again After some research I think this could be a problem related with having too many shards

I checked the test user policies, seems i did all by the book cut still it enable to see all agents

Nevermind guys, I figured it out myself! My boss didn't give me the private for it to work as a

i have installed Wazuh and Open Distro for Elasticsearch components in an all-in-one deployment (step

Hello! Seems that your problem may come from the decoder. At first sight, there are two issues: -

Hello again, Making some research, I found out that in Syslog decoders, the field program_name or

Hi Hanes, I really appreciate your time on assist. The alert is working now as expected. I have

Hi Nbentzinger, hope you are doing great today and thanks for using Wazuh! You can enable the debug

Hello, Thanks for using Wazuh! There is no enough information to know the root cause for the flooding

Hello again, sorry for taking so long to answer. We've analyzed all the information you've

Hi Namdev, Did you upgrade Wazuh Manager to 4.2? When you upgrade the Wazuh manager, the API version

Hi Adam! Thank you for your patience. The option you are looking for is only possible in Elastic

Hello, Thanks for using Wazuh! Unfortunately, Wazuh is not an API Inventory since it cannot add/

Hello, I'm doing some research and trying to determine if Sysmon/Wazuh can be replaced with

Hi Rajesh, This error is present in the Kibana logs you provided: FATAL Error: [config validation of

Thank You! It worked On Monday, September 20, 2021 at 2:48:57 PM UTC+5 sandra...@wazuh.com wrote:

If you are not seeing alerts, it could be due to the following reasons: Your wazuh manager is not

Hi Dario, Unfortunately the same or similar problem has returned. The error started occurring after a

Hi Adiel By default, the agent is installed in such a way that it can be recognized from any IP, as

On Monday, September 20, 2021 at 4:00:10 PM UTC+2 José Fernández wrote: Hello Filip, Sorry for the

Hello Scott, This can be achieved by doing an aggregation filter. The easiest way to do this is by

Any update On Thu, 9 Sept 2021 at 11:55, TUKARAM GAONKAR <tukaramgaonkar1992@gmail.com> wrote:

Hi Ekta! That issue is related to the mapping. It means that some indices (that matches the wazuh-

Hi Namdev, First, let's go with the problem in the RnD/Testing environment. The error when