Can not save rule file after edit

[HALELUJAH]

Hello,

After we write new rule we can not save it from the manager. we getting this error below.

[Nicolás Edgardo Rocca]

Hi,

We'll need a little more information about the rule you're trying to create and how you're adding It to your manager in order to debug It and fix this problem.

Please share the rule you want to add to double check It has no errors in Its definition. In addition, a couple of question regarding your setup:

• Assuming based on the screenshot you shared that you're using the Dashboard rule editor, are you trying to add this new rule into a new rule file or into an already existing one?
• Were you able to run your rule trough Ruleset Test tool? You can open this tool in the upper right corner of your screen when editing or adding a rules file. It'll let you input a log line to test if It gets decoded properly and if It matches any rules at all, and finally if It'd trigger an alert. 

[HALELUJAH]

we are editing in the dashboard but anything we add in the rule we can not save it. We try to add comment that does not help either.

21 Ocak 2026 Çarşamba tarihinde saat 18:28:26 UTC+4 itibarıyla Nicolás Edgardo Rocca şunları yazdı:

[Nicolás Edgardo Rocca]

Okay, looking at your error, It could be coming from an Server API error. Please share the output from the following commands (please make sure to not share any sensitive information like public addresses or credentials):

• On your dashboard node:

           $ journalctl -xeu wazuh-dashboard

• On your manager node:

           $ grep -iE 'warning|error|critical' /var/ossec/logs/ossec.log

          $ grep -iE 'warning|error|critical' /var/ossec/logs/api.log

Another detail we need is the Wazuh version you're using in your environment and the content of the rule file you're trying to save with your Dashboard editor, thus we can try and reproduce your error for further debugging.