New cdb lists not loading, not able to create functioning lists


Andrehens Chicfici

Jul 24, 2024, 3:51:17 AM
to Wazuh | Mailing List
Hey,
I created some lists recently that are working totally fine. I upgraded to Wazuh 4.8.1 and now I am not able to generate cdb lists. Not in dashboard and also not via shell.

When starting wazuh-manager and checking for errors I get:
wazuh-analysisd[21619] analysisd.c:710 at main(): WARNING: analysisd/rules.c:890 at Rules_OP_ReadRules(): (7616): List 'etc/lists/test_host' could not be loaded. Rule '111096' will be ignored.

The list looks like:
user1:
user2:
user3:
user4:

but every kind of list I create won't be loaded.

My ossec.conf looks like this:

  <ruleset>
    <list>etc/lists/</list>
    <list>rules/local_rules.xml</list>
    <list>etc/lists/comp_users</list>
    <list>etc/lists/test_host</list>
  </ruleset>


I created the comp_users last week with the dashboard and it's running fine. It also created a comp_users.cdb. The test_host was created with the dashboard and also manually with the correct permissions via shell. No .cdb was created and both versions were not loaded.

The local_rules.xml contains:

<group name="local">
  <rule id="111096" level="13">
    <if_sid>60106</if_sid>
    <list field="win.eventdata.targetUserName" lookup="not_match_key">etc/lists/comp_users</list>
    <list field="win.system.computer" lookup="match_key">etc/lists/test_host</list>
    <description>Forbidden admin login: $(win.eventdata.targetUserName) on $(win.system.computer)</description>
  </rule>
</group>


When I run ./wazuh-analysisd -d in /var/ossec/bin/ the folder etc/lists isn't even scanned:

root@wazuh:/var/ossec/bin# ./wazuh-analysisd -d
2024/07/23 16:41:51 wazuh-analysisd[25729] debug_op.c:116 at _log_function(): DEBUG: Logging module auto-initialized
2024/07/23 16:41:51 wazuh-analysisd[25729] analysisd.c:380 at main(): DEBUG: Wazuh home directory: /var/ossec
2024/07/23 16:41:51 wazuh-analysisd[25729] analysisd.c:395 at main(): DEBUG: Found user/group ...
2024/07/23 16:41:51 wazuh-analysisd[25729] analysisd.c:402 at main(): DEBUG: Active response initialized ...
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:257 at Read_Rules(): DEBUG: Adding decoder dir: ruleset/decoders
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:270 at Read_Rules(): DEBUG: Adding rules dir: ruleset/rules
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:278 at Read_Rules(): DEBUG: Reading decoders folder: ruleset/decoders
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0045-barracuda_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0380-windows_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0025-apache_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0120-horde_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0095-dropbear_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0280-serv-u_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0075-clamav_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0425-qualysguard_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0140-kernel_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0165-netscreen_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0051-checkpoint-smart1_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0220-postfix_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0085-dovecot_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0050-checkpoint_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0290-solaris_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0145-mailscanner_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0320-sudo_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0180-openbsd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0420-vshell_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0450-openvas_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0460-kaspersky_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0265-rshd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0370-vsftpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0435-owncloud_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0555-fireeye_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0115-grandstream_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0006-json_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0015-aix-ipsec_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0230-proftpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0005-wazuh_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0130-imapd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0377-huawei-usg_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0101-fortiddos_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0190-openvpn_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0275-sendmail_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0035-asterisk_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0225-postgresql_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0475-mcafee_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0030-arpwatch_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0070-cisco-vpn_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0490-junos_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0010-active-response_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0155-named_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0400-identity_guard_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0340-trend-osce_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0110-ftpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0255-roundcube_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0365-vpopmail_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0565-aws-eks-authenticator_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0440-proxmox-ve_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0505-paloalto_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0150-mysql_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0090-dragon-nids_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0355-vm-pop3_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0235-puppet_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0345-unbound_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0105-freeipa_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0295-sonicwall_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0305-squid_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0410-docker_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0055-cimserver_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0102-fortimail_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0520-msexchange-log-decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0160-netscaler_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0040-auditd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0495-freepbs_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0103-fortiauth_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0135-imperva_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0510-sophos_fw_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0325-suhosin_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0065-cisco-ios_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0100-fortigate_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0007-wazuh-api_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0455-pfsense_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0270-samba_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0330-symantec_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0310-ssh_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0215-portsentry_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0385-wordpress_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0062-cisco-ftd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0580-macos_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0378-mariadb_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0390-zeus_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0445-exim_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0480-perdition_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0350-unix_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0175-ntpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0560-oracledb_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0379-dpkg_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0250-redis_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0063-pix_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0525-f5_bigip_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0060-cisco-estreamer_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0360-vmware_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0205-pam_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0335-telnet_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0550-arbor_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0300-sophos_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0195-oscap_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0540-gitlab_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0470-panda-paps_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0315-su_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0465-azure_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0170-nginx_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0405-mongodb_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0395-sqlserver_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0375-web-accesslog_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0430-cylance_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0064-cisco-asa_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0260-rsa-auth-manager_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0185-openldap_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0200-ossec_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0125-hp_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0240-pure-ftpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0575-eset-remote_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0080-courier_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0245-racoon_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0285-snort_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0485-nextcloud_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0415-jenkins_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:331 at Read_Rules(): DEBUG: Reading rules folder: ruleset/rules
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0450-mongodb_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0860-sysmon_id_13.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0125-symantec-ws_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0705-sophos_fw_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0770-gitlab_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0010-rules_config.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0775-arbor_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0310-openbsd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0695-f5_bigip_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0400-openvpn_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0315-apparmor_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0935-cloudflare-waf_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0300-postgresql_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0050-ms-exchange_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0545-osquery_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0997-maltiverse_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0425-cisco-estreamer_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0330-sysmon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0785-huawei-usg_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0110-ms_dhcp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0615-win-ms-se_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0305-dropbear_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0240-ids_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0840-win_event_channel.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0500-owncloud_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0410-imperva_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0030-postfix_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0635-owlh-zeek_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0105-asterisk_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0295-mysql_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0590-win-system_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0385-oscap_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0602-win-wfirewall_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0800-sysmon_id_1.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0340-puppet_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0565-ms_ipsec_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0915-win-powershell_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0430-ms_wdefender_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0495-proxmox-ve_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0395-hp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0085-pam_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0505-vuls_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0910-ms-exchange-proxylogon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0020-syslog_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0750-github_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0700-paloalto_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0045-mailscanner_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0690-gcp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0180-pure-ftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0550-kaspersky_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0075-cisco-ios_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0040-imapd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0205-racoon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0675-panda-paps_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0065-pix_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0255-zeus_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0830-sysmon_id_11.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0090-telnetd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0601-win-vipre_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0630-nextcloud_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0250-apache_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0350-amazon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0130-trend-osce_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0620-win-generic_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0625-mcafee_epo_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0960-macos_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0160-vmpop3d_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0170-ftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0475-suricata_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0165-vpopmail_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0345-netscaler_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0905-cisco-ftd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0235-vmware_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0510-ciscat_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0325-opensmtpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0017-wazuh-api_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0115-arpwatch_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0120-symantec-av_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0525-openvas_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0405-rsa-auth-manager_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0025-sendmail_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0445-identity_guard_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0900-firewall_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0715-freepbx_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0260-nginx_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0095-sshd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0460-jenkins_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0391-fortigate_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0610-win-ms_logs_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/200050-chainsaw_sigma_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0016-wazuh_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0480-qualysguard_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0390-fortiddos_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0945-sysmon_id_10.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0320-clam_av_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0145-wordpress_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0570-sca_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0200-smbd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0995-microsoft-graph_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0520-vulnerability-detector_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0135-hordeimp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0185-vsftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0440-ms_sqlserver_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0455-docker_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0600-win-wdefender_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0625-cisco-asa_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0380-redis_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0530-mysql_audit_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0810-sysmon_id_3.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0035-spamd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0375-usb_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0215-policy_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0015-ossec_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0225-mcafee_av_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0990-amazon-security-lake_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0540-pfsense_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0270-web_appsec_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0470-vshell_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0070-netscreenfw_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0560-docker_integration_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0393-fortiauth_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0392-fortimail_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0230-ms-se_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0415-sophos_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0640-junos_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0190-ms_ftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0195-named_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0275-squid_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0515-exim_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0820-sysmon_id_7.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0780-fireeye_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0150-cimserver_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0335-unbound_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0595-win-sysmon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0555-azure_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0435-ms_logs_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0080-sonicwall_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0280-attack_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0950-sysmon_id_20.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0920-oracledb_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0580-win-security_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0245-web_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0755-office365_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0140-roundcube_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0360-serv-u_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0585-win-application_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0490-virustotal_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0575-win-base_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0210-vpn_concentrator_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0680-checkpoint-smart1_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0365-auditd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0155-dovecot_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0220-msauth_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0850-audit_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0285-systemd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0535-mariadb_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0290-firewalld_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0175-proftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0100-solaris_bsm_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0870-sysmon_id_8.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0055-courier_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0485-cylance_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0925-eset-remote_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0420-freeipa_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0265-php_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0605-win-mcafee_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:385 at Read_Rules(): DEBUG: Decoders added: 120 / excluded: 0
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:386 at Read_Rules(): DEBUG: Rules added: 166 / excluded: 0
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:193 at Read_Rules(): DEBUG: Adding decoder dir: ruleset/decoders
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:223 at Read_Rules(): DEBUG: Adding rules dir: ruleset/rules
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:177 at Read_Rules(): DEBUG: Excluding rule: 0215-policy_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:193 at Read_Rules(): DEBUG: Adding decoder dir: etc/decoders
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:223 at Read_Rules(): DEBUG: Adding rules dir: etc/rules
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:278 at Read_Rules(): DEBUG: Reading decoders folder: ruleset/decoders
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0045-barracuda_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0380-windows_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0025-apache_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0120-horde_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0095-dropbear_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0280-serv-u_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0075-clamav_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0425-qualysguard_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0140-kernel_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0165-netscreen_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0051-checkpoint-smart1_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0220-postfix_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0085-dovecot_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0050-checkpoint_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0290-solaris_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0145-mailscanner_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0320-sudo_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0180-openbsd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0420-vshell_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0450-openvas_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0460-kaspersky_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0265-rshd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0370-vsftpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0435-owncloud_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0555-fireeye_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0115-grandstream_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0006-json_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0015-aix-ipsec_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0230-proftpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0005-wazuh_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0130-imapd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0377-huawei-usg_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0101-fortiddos_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0190-openvpn_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0275-sendmail_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0035-asterisk_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0225-postgresql_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0475-mcafee_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0030-arpwatch_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0070-cisco-vpn_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0490-junos_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0010-active-response_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0155-named_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0400-identity_guard_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0340-trend-osce_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0110-ftpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0255-roundcube_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0365-vpopmail_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0565-aws-eks-authenticator_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0440-proxmox-ve_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0505-paloalto_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0150-mysql_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0090-dragon-nids_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0355-vm-pop3_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0235-puppet_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0345-unbound_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0105-freeipa_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0295-sonicwall_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0305-squid_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0410-docker_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0055-cimserver_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0102-fortimail_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0520-msexchange-log-decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0160-netscaler_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0040-auditd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0495-freepbs_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0103-fortiauth_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0135-imperva_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0510-sophos_fw_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0325-suhosin_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0065-cisco-ios_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0100-fortigate_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0007-wazuh-api_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0455-pfsense_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0270-samba_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0330-symantec_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0310-ssh_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0215-portsentry_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0385-wordpress_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0062-cisco-ftd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0580-macos_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0378-mariadb_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0390-zeus_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0445-exim_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0480-perdition_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0350-unix_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0175-ntpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0560-oracledb_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0379-dpkg_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0250-redis_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0063-pix_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0525-f5_bigip_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0060-cisco-estreamer_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0360-vmware_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0205-pam_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0335-telnet_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0550-arbor_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0300-sophos_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0195-oscap_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0540-gitlab_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0470-panda-paps_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0315-su_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0465-azure_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0170-nginx_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0405-mongodb_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0395-sqlserver_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0375-web-accesslog_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0430-cylance_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0064-cisco-asa_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0260-rsa-auth-manager_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0185-openldap_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0200-ossec_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0125-hp_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0240-pure-ftpd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0575-eset-remote_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0080-courier_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0245-racoon_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0285-snort_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0485-nextcloud_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0415-jenkins_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:278 at Read_Rules(): DEBUG: Reading decoders folder: etc/decoders
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/yara_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/auditd_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:320 at Read_Rules(): DEBUG: Regex does not match "etc/decoders/backups"
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:320 at Read_Rules(): DEBUG: Regex does not match "etc/decoders/test_veeam.xmlx"
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/maltrail_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/esxi_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/decoder-utm.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/decoder-manager-logs.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/naxsi-opnsense_decoders.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/test_veeam.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/decoder-linux-sysmon.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/local_decoder.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:331 at Read_Rules(): DEBUG: Reading rules folder: ruleset/rules
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0450-mongodb_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0860-sysmon_id_13.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0125-symantec-ws_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0705-sophos_fw_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0770-gitlab_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0010-rules_config.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0775-arbor_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0310-openbsd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0695-f5_bigip_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0400-openvpn_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0315-apparmor_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0935-cloudflare-waf_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0300-postgresql_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0050-ms-exchange_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0545-osquery_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0997-maltiverse_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0425-cisco-estreamer_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0330-sysmon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0785-huawei-usg_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0110-ms_dhcp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0615-win-ms-se_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0305-dropbear_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0240-ids_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0840-win_event_channel.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0500-owncloud_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0410-imperva_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0030-postfix_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0635-owlh-zeek_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0105-asterisk_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0295-mysql_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0590-win-system_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0385-oscap_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0602-win-wfirewall_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0800-sysmon_id_1.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0340-puppet_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0565-ms_ipsec_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0915-win-powershell_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0430-ms_wdefender_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0495-proxmox-ve_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0395-hp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0085-pam_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0505-vuls_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0910-ms-exchange-proxylogon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0020-syslog_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0750-github_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0700-paloalto_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0045-mailscanner_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0690-gcp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0180-pure-ftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0550-kaspersky_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0075-cisco-ios_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0040-imapd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0205-racoon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0675-panda-paps_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0065-pix_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0255-zeus_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0830-sysmon_id_11.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0090-telnetd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0601-win-vipre_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0630-nextcloud_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0250-apache_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0350-amazon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0130-trend-osce_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0620-win-generic_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0625-mcafee_epo_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0960-macos_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0160-vmpop3d_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0170-ftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0475-suricata_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0165-vpopmail_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0345-netscaler_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0905-cisco-ftd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0235-vmware_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0510-ciscat_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0325-opensmtpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0017-wazuh-api_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0115-arpwatch_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0120-symantec-av_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0525-openvas_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0405-rsa-auth-manager_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0025-sendmail_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0445-identity_guard_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0900-firewall_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0715-freepbx_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0260-nginx_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0095-sshd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0460-jenkins_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0391-fortigate_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0610-win-ms_logs_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/200050-chainsaw_sigma_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0016-wazuh_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0480-qualysguard_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0390-fortiddos_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0945-sysmon_id_10.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0320-clam_av_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0145-wordpress_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0570-sca_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0200-smbd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0995-microsoft-graph_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0520-vulnerability-detector_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0135-hordeimp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0185-vsftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0440-ms_sqlserver_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0455-docker_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0600-win-wdefender_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0625-cisco-asa_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0380-redis_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0530-mysql_audit_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0810-sysmon_id_3.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0035-spamd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0375-usb_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0015-ossec_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0225-mcafee_av_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0990-amazon-security-lake_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0540-pfsense_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0270-web_appsec_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0470-vshell_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0070-netscreenfw_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0560-docker_integration_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0393-fortiauth_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0392-fortimail_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0230-ms-se_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0415-sophos_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0640-junos_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0190-ms_ftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0195-named_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0275-squid_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0515-exim_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0820-sysmon_id_7.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0780-fireeye_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0150-cimserver_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0335-unbound_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0595-win-sysmon_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0555-azure_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0435-ms_logs_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0080-sonicwall_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0280-attack_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0950-sysmon_id_20.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0920-oracledb_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0580-win-security_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0245-web_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0755-office365_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0140-roundcube_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0360-serv-u_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0585-win-application_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0490-virustotal_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0575-win-base_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0210-vpn_concentrator_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0680-checkpoint-smart1_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0365-auditd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0155-dovecot_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0220-msauth_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0850-audit_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0285-systemd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0535-mariadb_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0290-firewalld_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0175-proftpd_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0100-solaris_bsm_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0870-sysmon_id_8.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0055-courier_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0485-cylance_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0925-eset-remote_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0420-freeipa_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0265-php_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0605-win-mcafee_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:331 at Read_Rules(): DEBUG: Reading rules folder: etc/rules
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200990-healthcheck.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100620-misp.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200910-wazuh_sca.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200070-sysmon_reload.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:373 at Read_Rules(): DEBUG: Regex does not match "etc/rules/backups"
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/900000-exclusion_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100100-MITRE_TECHNIQUES_FROM_SYSMON_EVENT1.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100535-win_powershell_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200460-opensense.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/300001-win_sigma_rules_builtin.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/106101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT7.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200800-trendmicro.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/201000-pentest-tools.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/600000-active_response.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/veeam_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200850-crowdstrike.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200150-sysmon_for_linux_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/102101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT3.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/local_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/121101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT22.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/96600-snyk_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/109000-microsoft_defender.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200110-auditd.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/108000-office365.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200940-mimecast.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100630-maltrail.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/109101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT10.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/114101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT15.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/esxi_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100070-win_logonsessions_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200500-sap.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200360-docker_falco_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200700-sophos.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100651-abuseipdb.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/500010-manager_logs.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100099-Modsecurity.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/201015-software.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200450-f-secure-epp_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/113101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT14.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100060-win_sigcheck_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/111101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT12.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/112101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT13.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100623-opencti.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/116101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT17.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100050-win_autoruns_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/101101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT2.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200970-phishing.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200100-yara_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/300100-cisco_secure_endpoint.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200200-osquery.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200400-nmap-scan_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200300-packetbeat_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/117101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT18.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200900-wazuh_inventory.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100610-domain_stats_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200960-dfir_iris.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/109100-win_sysmon_new_events.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/100080-alienvault.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200001-windows_chainsaw_rules.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/400200-open-audit.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/110101-MITRE_TECHNIQUES_FROM_SYSMON_EVENT11.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/201010-ad_inventory.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/200920-dnstwist.xml
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:385 at Read_Rules(): DEBUG: Decoders added: 130 / excluded: 0
2024/07/23 16:41:51 wazuh-analysisd[25729] rules-config.c:386 at Read_Rules(): DEBUG: Rules added: 227 / excluded: 1
2024/07/23 16:41:51 wazuh-analysisd[25729] analysisd.c:409 at main(): DEBUG: Read configuration ...

