Wazuh mailing list

Hola Henry! En caso que los eventos estén siendo recibidos por Wazuh Manager; lo que va a ser

On the dashboard you will only see the events that trip a rule. That is events that generate an alert

Hi Rahul, meanwhile I will try to answer your question. You can do it manually using the API

Hi i am deploying a Wazuh solution in my environment and i've configured also tha SSO with

Regarding this issue, I believe it would be best to modify the quantifier from + to *. This change

Hello Red Team! Unfortunately this is related to this issue. You can try step 2 (4 & 6) where you

Sorry, to decode that field , the first EXECVE decoder set the following: <decoder name="

Mar 28, 2023 @ 06:24:38.000 wazuh-monitord INFO Starting new log after rotation. Mar 28, 2023 @ 06:24

Hi Satwika Thank you for reaching out to us. The error in the agent log file is related to a Windows

Hi MG, When an agent (already registered) connects to the manager, an alert like the following one is

Hello HA I got the email you sent privately with the information I requested using the commands.

Hi, Please let me know if your agents are still online from the Wazuh Manager perspective. In case

Hi thanks for using wazuh!! It is possible that the encryption in transit is causing the logs to not

Hi Steve, If I understood correctly, you are scanning three logs but only receiving alerts from two,

We have deployed WAZUH as per the documentation available on Website. It is up and running as

You're welcome and do not hesitate to open new threads if you have any further questions. Regards

Hi, Кирилл Новогран. Could you please send us the configuration file ossec.conf, filebeat

Hi Danish, What is the version of the Wazuh manager? On Wednesday, March 29, 2023 at 5:32:56 AM UTC-3

Hi Deepak, It seems that the command does not have any error, so could you send me the content of

Hello again, The message "Wazuh dashboard server is not ready yet" usually appears when you

Hello Maxim Did you have time to check this out and confirm if you can monitor .doc files in your

Hello Ryan Felim, This is not the exact case you are talking about, but we can use it as a reference.

Hi, Thank you for using Wazuh. Follow the steps below to install the specific version of Wazuh that

Hello Ivan, Thanks for reaching the Wazuh community! I think the specific document you are referring

Hi HA, I had to check on the lab in order to validate the steps; here they are: Labels will need to

Hello Francisco, Thank you for sharing your doubts in the community. In this case, it is needed to

Hello Luna, I changed the password in filebeat, restarted the services and it worked. Thanks for the

Thanks Diego for your response, much appreciated. 1). On that blog, it says, we should update the

Hello Ivan, could you provide me with the version of your wazuh stack? do you have an AiO deployment

Hi Ayoub, Based on your wazuh-logtest output, rule Id 81634 is triggering. Therefore, you need to use