Wazuh | Mailing List

Hi Hasitha, I followed the document and updated the required details; however, I'm still unable

Hello Riccardo, I am glad to hear that it all works now. For the new use case you have shared, you

Hello EugenX, It looks like this alert is being triggered due to the sdbinst.exe utility, which is

Hi Hasitha, Thank you for replying. I'm still unable to receive log in Wazuh. In my agent log,

Hello again. Not sure I follow this. The @timestamp field differs from the date of the log? This

Hello Narasimha, To follow up on this, I found the blog below, which you can also use as a reference

I have a CVE that is CVE-2025-9086 over a Ubuntu 22.04.5 LTS (Jammy Jellyfish). Wazuh 4.14.1 show

Hi! Those warnings usually mean the manager cant find or read the list files from inside the

Hi, the ruler is not working as expected. It is still capturing the event of the rule 60204 even if

Hello, When you try to save a rule from the Wazuh GUI, Wazuh triggers a restart of the manager demons

Hello, The issue I see here is the XML file drilldown you did with the syscheck directory block. The

hello i dont have vulnerabilities.log file on wazuh manager somehow cat: /var/ossec/logs/

It seems that everything is back in order. CVE's from december security update has been detected

Hello Stuti, any updates regarding this issue? Best, John On Monday, December 22, 2025 at 10:29:10 AM

Hi, First, I will explain how vulnerability alerts are generated in Wazuh. The Vulnerability

Hi Robby, I've attached the GitHub link here so you can review the latest updates from the

Hi G Mail, Please let me know the update on this, so we can check further. On Sunday, December 21,

I thought it would at least work if I left only one request enabled but no, it only works with

Hi, I followed the advice and excluded the official decoder 0455-pfsense_decoders.xml. I modified my

Hello Gerald, Your decoder will not be effective for all the logs you have shared. I also see a

Hi Glyn, Your permissions and database size are correct. However, we have recently found that given a

Thank you so much. I'll try it again and share the updated output. On Mon, Dec 22, 2025 at 9:10

Hi, I am glad to hear that the index recovery worked and the dashboard is fully operational again.

Thanks for the help, this helped a lot On Fri, 19 Dec 2025 at 17:20, 'ismail....@wazuh.com

Hello Karlo, Thank you so much for spending the time to review my logs, and to provide a suggested

Hello, Nicolae Composite rules (those defined with a frequency and timeframe) are designed for

The high event volume (100M daily, 25M from agents) and the delays with your integrations, it's

I managed to make the system work according to this guide: https://github.com/wazuh/integrations/tree

Hi Seth, I have written some sample decoders based on your log. Add the new decoder to /var/ossec/etc

Hi, When an agent upgrade is initiated from the Wazuh Manager, the agent does not require direct