Alert not being generated on alerts.jon
26 views
Skip to first unread message
david alvarez muñiz
Dec 2, 2024, 6:56:49 AMDec 2
to Wazuh | Mailing List
I am trying to generate and alert from a jsno log, I test the defaul json decoder and a custom rule to see if the aler is being generated like I show in the images:
I also show the custom rule that is being triggered:
+
I also show the custom rule that is being triggered:
+When I see the alerts.json file the rule doesn't appear
Antonio Kim (Wazuh)
Dec 2, 2024, 7:19:16 AMDec 2
to Wazuh | Mailing List
Hi David
As you have tested, the rule would be working correctly.
As you have tested, the rule would be working correctly.
Can you tell me how you tested it to see if an alert was generated in alert.json?
I'm sharing this documentation with use cases, maybe it will be useful to you. https://documentation.wazuh.com/current/getting-started/use-cases/log-analysis.html#rules-and-decoders
Antonio
Reply all
Reply to author
Forward
0 new messages