Wazuh | Mailing List

yes this was already don with in the terminal but i wont 6473 show in the dashboard i try this and i

Hello, I change to 15g heap size, but am still facing the "big message size" problem note

Hi Yap, I have created the custom decoder as you expected. However, for Domain, we could not extract

Hi Yolanda, Since you already have email alerting configured, you can add these specific rules to

Hi Martin. Thanks for the information. In the logs you just shared I could find the following lines:

Hi, I didnt get any result for this command : curl -k -u <USER>:<PASSWORD> -XGET "

Hello. From what you mention, the error that appears in the logs is not related to WhatsApp events.

HI, there are any filter for that? Regards German El martes, 23 de diciembre de 2025 a las 13:13:21

Thank you again, Karlo. Per the logs mentioned in my original email, no errors appear in integration.

Hello, I hope you're well. There is an official Wazuh blog post that has come in handy in the

Hi Gokul: Before diving into a specific root cause, it would be helpful to gather more context about

Hello once again, Thank you for the feedback, I see the status from the dashboard shows running. I

Hi, The behavior you're experiencing is related to rule 92651, which is designed to detect remote

Thank you very much, I managed to get the integration working thanks to your help. El viernes, 26 de

Hello. Thank you for your quick answer, but it didn't help. i have }, "ClientIP": {

Hi, To trigger alerts when a USB device is disconnected, please follow the steps I shared in my

Hi Stuti, Thanks a lot for pointing me the right command (again). I did use that back in 2022, but I

Hi Yogi, You want your Wazuh and Sysmon setup to generate alerts only for applications that you

Hi CIA, I have found a third-party resource that helps you to forward the logs to Wazuh. To listen to

Hi Baran, Since version 4.3, many changes have been introduced. I recommend that you take a look at

Hi The default decoder is decoding most of the fields, you can see in the image. Can you please let

Hello Prince, In order to execute the script on the agents, you need to add your custom active

Hi John, Sorry for the late reply. I'm glad to hear that the indexer issue has been resolved.

Hello Tengku, Can you explain your query in detail? Are you trying to filter out logs from triggering

Hello You cannot use multiple ports in the </port> section of the <remote> block. <

Hello Tengku, It seems to me the issue is with SMTP server name <smtp_server>smtp.office365.com

Hi, Do you still need assitance? Thanks, On Friday, December 19, 2025 at 1:51:27 PM UTC+8 Karlo

Hi Hasitha, I followed the document and updated the required details; however, I'm still unable

Hello Riccardo, I am glad to hear that it all works now. For the new use case you have shared, you

Hello EugenX, It looks like this alert is being triggered due to the sdbinst.exe utility, which is