Wazuh | Mailing List

Hi Alara, I do not think you need to start from scratch anymore because the main issue already looks

Hi, Apologies for the late response. For email alerts, you can check the following points: Ensure

On Mon, 11 May 2026 at 17:02 Facu Basgall <facub...@gmail.com> wrote: I understand that, but

Hi , Here are the details of logs attached. cat /var/ossec/logs/ossec.log | grep -iE "

Hello, Please note that I am taking a look at this. I will revert as soon as possible. Regards, On

Hello If your decoder matches a program name in the pre-decoder, you need to add the reference to it

Hi everyone, In June, we are bringing the Wazuh community together across Europe and Asia! Join us to

Hello, Based on the error, what we need is Kibana mapped permission so the user is only able to carry

Hello, This rule didn't work for me The alert for connection 'con4' was suppressed, but

Hello, Wazuh secures log data primarily by encrypting communication using Blowfish or AES encryption

Hi Perps, The events you shared can be decoded by the Wazuh built-in JSON decoder as you can see in

Hi Anand, I am glad to hear that the issue has been fixed. On Monday, May 11, 2026 at 4:28:13 PM UTC+

Hi, To get extra details such as data.vulnerability.status, you need to query the wazuh-alerts-*

Hi Vitaly wazuh-agent: WARNING: Target 'agent' message queue is full (1024). Log lines may be

Hello, It seems to me this is happening due to the command you are using. Based on findings, this is

Hello Samson please response on that. regards, Chandra On Friday, May 8, 2026 at 3:52:55 PM UTC+5:30

Hi German, I tested this on my side and experienced the same issue. To resolve it, follow the steps

Hi, Your questions cover several broad topics, so to improve communication and help you more

Hi, any luck finding a solution? I've ended up filtering that type of events, although it's

Hi Sergio, Wazuh components are easily scalable. You can easily add more Wazuh Manager or indexer

Hello, Were you able to check what was mentioned earlier? Feel free to ask me if the issue is still

To determine if Wazuh is dropping events, monitor these files on the Wazuh manager. /var/ossec/var/

Hi David, Review the <indexer> configuration block in ossec.conf based on this doc. Wazuh

Hi Emar, You cannot see more than the top 5 field values when you hover over a field on the left side

Hello Emarf, What you are trying to do I believe depends on how the file was detected. Wazuh FIM logs

Follow these steps to configure the FIM for the W drive in real time. Run PowerShell as an

Hello, Yes, Wazuh can alert on both. For failed logon attempts: Wazuh has a built-in rule ID 18106

Hi, The MITRE ATT&CK dashboard not showing data may be related to a field mapping issue. First,

Hello Thank for guidance now i have increase the heap size 2GB to 4GB and now i am able to export 30

Hello Nazmur Thanks for clerification. On Thursday, May 7, 2026 at 11:19:03 AM UTC+5:30 Md. Nazmur