wazuh to misp issue

9 views

Skip to first unread message

Sakai Edit

unread,

1:56 AM (6 hours ago) 1:56 AM

to Wazuh | Mailing List

trying to montor suricata agent inside ubuntu server and my other proxmox servers

my config.txt

Rafael Bailon Robles

unread,

2:42 AM (5 hours ago) 2:42 AM

to Wazuh | Mailing List

Wazuh has official documentation for integrating Suricata: Network IDS integration. I’ve reviewed the file you attached. I understand you want to integrate Wazuh with MISP. The official documentation contains information on this:

External API integration
Custom integration
How to integrate external software using Integrator

You need to perform a custom integration. Based on the attached file, it appears you haven’t yet checked the logs for errors. You can start by searching for errors with cat /var/ossec/logs/ossec.log | grep -i -E "error|warn". You can also look for wazuh-integratord errors in the log file.

Reply all

Reply to author

Forward

0 new messages