Help me find the alerts tab on wazuh


Arjun P

Jan 4, 2026, 6:13:47 PM
to Wazuh | Mailing List
Hi, I have recently set up Wazuh, and normally in any SIEM there will be a tab of alerts where we can see all the generated alerts with their severity and all the events that are responsible for triggering the alert: the tab the whole SOC team uses to investigate alerts, assign them, and mark them as closed. But I am not finding such a tab in Wazuh. Can you please help me find which tab is used in Wazuh for SOC monitoring of alerts?

hasitha.u...@wazuh.com

Jan 4, 2026, 10:45:29 PM
to Wazuh | Mailing List
Hi Arjun,

Currently, the Wazuh Dashboard does not provide built-in options to mark alerts as closed, open, or cancelled. This is because the Wazuh Dashboard is a fork of OpenSearch Dashboards.

However, I came across a public third-party GitHub repository that provides a plugin for this functionality. It appears to have been tested with Wazuh versions 4.12 and 4.13.

You can try using this plugin with your Wazuh setup from the following link:
https://github.com/xrisbarney/Wazuh-alert-manager

Before making any changes to your existing environment, please ensure you take a snapshot or backup.

Wazuh is capable of integrating with any software using Wazuh's integrator module. Therefore, you can incorporate Wazuh with case management, and in that way you can achieve this.
For example, we have a blog post on forwarding Wazuh alerts to the DFIR IRIS case management. Please check this post for more details on how it can be achieved.

Feel free to let me know if you need any more help with this.

Robby Hunters

Jan 6, 2026, 4:18:04 AM
to Wazuh | Mailing List
Hi Hasitha,

I'm interested in trying the Wazuh Alert Manager plugin, but I saw that it has only been tested on Wazuh versions 4.12 and 4.13. I'm currently running Wazuh 4.14, so I just wanted to check if it should still work fine on this version, or if there are any known issues?

Thanks,

Regards,
Robby

hasitha.u...@wazuh.com

Jan 9, 2026, 11:20:59 PM
to Wazuh | Mailing List
Hey Robby,

> Hi, I have recently set up Wazuh, and normally in any SIEM there will be a tab of alerts where we can see all the generated alerts with their severity and all the events that are responsible for triggering the alert..

Regarding this, we have a Threat Hunting page on the Wazuh dashboard, which does the same thing you mentioned; you can find it under Threat Intelligence -> Threat Hunting.

It appears that the plugin is not compatible with Wazuh 4.14. This is because Wazuh 4.14 uses OpenSearch 2.19.3, whereas Wazuh 4.13 uses OpenSearch 2.19.2.

As a result, the installation instructions for 4.13 cannot be applied to 4.14. We will need to wait until the plugin author releases an updated version that is compatible with Wazuh 4.14.x.

Apart from that, you can depend on the third-party case management tool as I mentioned above.

Let me know if you need further assistance on this.
