Wazuh | Mailing List

Hello Bony, Thank you for you reply! The previous WARN message is not showing anymore after I did

Hello everyone, I've been trying to configure an API endpoint check in Wazuh 4.14.1 rc2 for a few

Hi laboulle1987, I see that in the master you have the logs for `Reloading ruleset` and `INFO Ruleset

Sorry, the rule I used was: <rule id="101203" level="10"> <if_sid>

Hello Nicolas, Thank you very much to spread the word about our project. Best regards, Le mardi 20

Dear Slavica, I made a sample decoder below for your reference as requested. <decoder name="

Let's use an example. I have one of the logs. What command in Dev Tools can I use to find this

I have already completed this activity, but I was not successful. Em quinta-feira, 22 de janeiro de

Hello Pablo, in the meantime i fixed the issue. It was a network problem, the docker container had

Hi! I've noticed that sometimes I don't receive a notification for a triggered alert, meaning

Hello, The issue you describe is caused by one of the followings: There are multiple versions of the

Hello @Yazid Thank you for sharing the results, I'll run some tests on my end to validate the

Hi mariano, This is expected behavior. Wazuh creates daily alert indices (wazuh-alerts-4.x-YYYY.MM.DD

Hi Natalia, Thanks, this clarifies a lot and matches what I observed in practice. I appreciate the

Hi Stuti, this is the log {"schemaVersion": "1.21", "id": "WB-

I have modified the decoders to adapt them well. The decoders should look like this: ``` <decoder

Hello, John. Yes, OS language is English. Debug logs show empty result of the command: 2026/01/22 11:

Hi again, i was finally able to get my hands on a test environment for this issue. so now with the

Hi David, To help us confirm the behavior you're observing, could you please help us validate the

Hi, Wazuh can help detect phishing emails by correlating email-related events with threat

This can happen due to a connectivity issue or if the agent cannot properly communicate with the

Hello! I updated wazuh to version 4.14.2 and encountered an issue when changing rules. When I change

Hello, After changing the frequency of the queries, from <interval>5m</interval> to <

Hi jacob As you mentioned earlier, you followed the https://documentation.wazuh.com/current/user-

Hi German You can follow https://wazuh.com/blog/recover-your-data-using-wazuh-alert-backups/ the same

The rule 101806 works fine as I sent it and no match is necessary. The following rules do not work

Hi, We'll need a little more information about the rule you're trying to create and how you

The timeout and cluster crashes you're experiencing with custom FIM rules in 4.13.1 could be

Hi David Regarding your question: "Do you have any tips on how to extract each TO field from

Hi Yogi, I've tested this rule and identified the problem. The regex type isn't defined in