Security rule field -full_log
42 views
Skip to first unread message
WENWEN H
Mar 10, 2025, 4:12:39 AM3/10/25
to Wazuh | Mailing List
Good afternoon:
I created a Visualize, about security events, but one of the fields full_log can't be selected. full_log It helps me see the details of the event that triggered the rule. I know full_log is not available for all id events, but I still want to select full_log to see the details of some events.
I created a Visualize, about security events, but one of the fields full_log can't be selected. full_log It helps me see the details of the event that triggered the rule. I know full_log is not available for all id events, but I still want to select full_log to see the details of some events.
Bony V John
Mar 10, 2025, 5:16:19 AM3/10/25
to Wazuh | Mailing List
Hi,
Currently, in Wazuh, it is not possible to add the full_log field in a custom table visualization. However, you can achieve a similar use case using the Discover tab. Follow the steps below:
Creating table using the Discover Tab:- On the Wazuh Home page, click on the hamburger icon at the top left.
- Navigate to Explore > Discover.
- Select the required fields from the left panel to include them in your table visualization.
- Once the required fields are selected, click on the Save icon at the top left to save the table.
- On the Wazuh Home page, click on the hamburger icon at the top left.
- Navigate to Explore > Dashboards > Create Dashboard.
- Click on the Add icon at the top right to add the table you created in the Discover tab.
- Adjust the size of the table based on your requirements.
- Click on the Save icon to finalize and create your custom dashboard.
For more details, you can refer to the Wazuh custom dashboard creation documentation.
Reply all
Reply to author
Forward
0 new messages