Wazuh | Mailing List

Hi, I did not observe any errors while running the following commands: filebeat setup --index-

A plea to the group. Can you please assist with a step by step guide on how to accomplish this. I

Juan, Thank you your assessment of the issue was spot on, I do apologize for fat fingering the

Hello Isaac, Yes, zero vulnerabilities on certain agents can stem from several causes and not

Hello, The dashboard is built on top of the OpenSearch Security plugin, which handles authentication

Hello Chandra, What type of site-to-site VPN are you talking about? Is it a dedicated appliance, or

Hello, based on your instructions, I attempted to modify the file "pipeline.json". However,

Hi, As you mentioned, when a Wazuh agent connects from one manager node to another, it will sync

Hi Jones, Im testing a workaround and i will let you know once im done. But basically i think

Thank you Nazmur for the information and guidance. On Wednesday, April 29, 2026 at 3:13:41 PM UTC+5:

Hi Veraa, Based on the details you shared, we can see that the agent name 'veera-affected1'

Hello Miran, Yes, you can definitely do this. First, on your existing AWS Linux 2023 server, back up

Hi Mithun, At the moment, Wazuh rules do not natively support direct field-to-field comparison inside

Hi, It seems you created another custom child rule for the vulnerability alerts, and that custom rule

Hi Nick You can configure mail alerts with a custom integration script, and you can modify the custom

Hi Brenno, Use this configuration instead of my previous message, I tested it locally and worked fine

Hi M Jones, there's a small mistake on the custom rule I sent you as an example. The fields don

Hi, There are no log entries present in /var/ossec/logs/alerts/alerts.json on the associated manager.

Hi MG, Realtime monitoring applies to both directories and files. For directories, it monitors all

Hi @ Musbau Adekunle Soladoye Help me with the information on my previous query .. On Tuesday, April

Hi bastian Caro Regarding your environment, can you tell me which version of Wazuh you're using?

Hello Spartan, Best way to do this is to filter from the Discover dashboard using the agent ID and

what is the proper way of changing wazuh dashboard password for multi node deployment?

Hello! Please review while mapping the user with the Wazuh API, you have given the correct permission

Update: Your destination alerts index will look like "dest": { "index": "

Hello Daniel, Good news, we checked the wazuh-indexer index directly and the vulnerability data for

Dear Md. Nazmur Sakib, I tried the decoder and ruleset you sent me, and when I applied them, an alert

Hi Aamir, There are no vulnerability alert triggers for the initial or baseline vulnerability scan.

Hi Brenno Try adding both use_own_name and a specific prematch to that child decoder: <decoder

In Wazuh, “logs” can refer to different data sources (agent logs, alerts, or events stored in the