How to scan all open ports for all agents
229 views
Skip to first unread message
Prajapati Hitesh
Mar 6, 2023, 1:32:04 PM3/6/23
to Wazuh mailing list
Hi,
How to scan all open ports for all agents.
Oluwaseyi Soneye
Mar 6, 2023, 2:01:42 PM3/6/23
to Wazuh mailing list
Hello Prajapati,
To scan open ports on agents, you can use Wazuh and NMAP integration.
Kindly check out these links:
Prajapati Hitesh
Mar 7, 2023, 11:11:15 AM3/7/23
to Wazuh mailing list
Hi,
Can we get email report using
(Rule: 533 fired (level 13) -> "Listened ports
status (netstat) changed (new port opened or closed))..
This rule only working for Wazuh server only. For agents (Windows) it's not sharing report on mail.
Prajapati Hitesh
Mar 11, 2023, 4:47:17 AM3/11/23
to Wazuh mailing list
Hi Oluwaseyi,
Can you update on this.
Oluwaseyi Soneye
Mar 13, 2023, 3:31:21 AM3/13/23
to Wazuh mailing list
Hello Prajapati,
I assume 533 is the rule ID here. You can configure email alerts based on rule ID in the <global> section of the ossec.conf file:
<email_alerts>
<email_to>y...@example.com</email_to>
<rule_id>533</rule_id>
<do_not_delay />
</email_alerts>
<email_to>y...@example.com</email_to>
<rule_id>533</rule_id>
<do_not_delay />
</email_alerts>
Kindly refer to the following documentation for more information - Configuring email alerts - Wazuh server administration
Reply all
Reply to author
Forward
0 new messages