Wazuh | Mailing List

Is this an AI generated answer? Yes, that stops the notifications for that rule but I would like to

Hi Stuti, Thank you so much for your support. Sry for the late response. So what i found from Issue

troubleshooting ldap logins in wazuh Hi, Recently I have integrated ldap with wazuh but im unable to

Hello, I believe you can achieve this use case with a single rule, checks the frequecy of rule 31101

I've been testing the rule configuration but it doesn't work for me. I have configured so

The warnings you're seeing indicate that the Wazuh agent's event buffer temporarily reached

Hello Devsec, To clarify, yes you are correct, the wazuh server stores the alert information,

Hello, this is log from archives.json Log with \": {"timestamp":"2025-10-27T07:12

Hello, Based on the log you shared, I feel the issue is from your script. From the response, I see

hello Marcos and thank you for your approach. btw i have a question about `For changing the type of

Hello, Then the previous rule I share does exactly that. <group name="custom test,">

Hello! I was able to elaborate this decoder as an example. I believe that with a few minor

Hi, This log is in syslog format, and Wazuh pre-decodes syslog fields automatically. Because of that,

Hi, I tried to do step 1 but this is the response: { "error": { "root_cause": [ {

Hello, I am looking for someone who could provide me with a set of rules (or a draft) that I can use

Hi John, Great, thanks for sharing. I see that you didn't add an output for the last two curl

Thanks for the reply. That's what I thought, I just wanted to be sure. And I was wondering about

Hello, I am looking for someone who could provide me with a set of rules (or a draft) that I can use

Hello, I am also looking for someone who could provide me with a set of rules (or a draft) that I

Can you please share the log for which are creating this rule and your use case? So I can help you

Hello Andrei, Apologies for the delay. I reviewed the logs and it confirms the Wazuh agent isn't

Hi Hasitha, As this is in my lab and not business crital yet i have wiped the VM and done a fresh all

Hello , My question would be what is your use case regarding this test? Because your installation as

Hi Everyone i recently tested and upgraded wazuh to version 4.14 and ever since then when i got to

Hi Jeremy, The issue you're encountering stems from a data type mapping conflict in OpenSearch.

Hi Muhanad! This behavior occurs when clients that do not comply with the protocol (for example, with

HI Cosmin, seems images are broken. Let me attach them so you can take a look. - First create a new

Hi, any news? Il giorno mercoledì 29 ottobre 2025 alle 10:13:04 UTC+1 Riccardo Olivetto ha scritto:

Hi Hein Khant Shane, There were some regex errors in the decoder. You used [\d.], which is not a

Thanks Nazmur, Followed your instructions, and now the log is visible in the dashboard with the