what is meaning for rule.mail is true or false?

[Gowtham Murugesan]

Hi everyone,

I am getting many events in wazuh with rule.mail as true or false. But I have lot of confusions, for example 

                    I got "Common web attack " event .

                    In this, the rule.mail shows false.

But in another case, some events shows rule.mail as true sometimes false. My question is, "what is the resaon for rule.mail as true or false? whether if the rule.mail is true then it should be considered as vulnerable?"

[Chantal Belen Kelm]

Hello, how are you? Thank you for using Wazuh!
This field shows whether an alert will be sent by mail or not. When it is set to true, it will send a notification by mail with the alert that has been triggered. You can see how to configure email alerts here.