Security Daily

23 views
Skip to first unread message

KPay SOC

unread,
Apr 17, 2024, 11:13:31 PMApr 17
to Wazuh | Mailing List
Hi Wazuh Team

Good day to you

I want to generate my security daily based on the information captured by the wazuh platform. Do you have any good suggestions or templates

Thanks

Stuti Gupta

unread,
Apr 18, 2024, 12:10:14 AMApr 18
to Wazuh | Mailing List
Hello KPay SOC,
Hope you are doing well.

Could you kindly clarify what you mean by "security daily"? If you're inquiring about daily security event reports, you can find detailed information on the report feature here: https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/reports.html However, I'm uncertain about the specific information you're seeking.

Hope to hear from you soon

KPay SOC

unread,
Apr 18, 2024, 1:41:21 AMApr 18
to Stuti Gupta, Wazuh | Mailing List
Hello,
"security daily" is a security report of our own that we want to export every day, hoping that it can clearly highlight the security problems we encounter on that day, such as file changes, newly exposed vulnerabilities, and malicious requests.

'Stuti Gupta' via Wazuh | Mailing List <wa...@googlegroups.com> 於 2024年4月18日週四 下午12:10寫道:
--
You received this message because you are subscribed to the Google Groups "Wazuh | Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/e9f1fccd-02e6-40c6-9a9a-f9b959206b9en%40googlegroups.com.

Stuti Gupta

unread,
Apr 18, 2024, 6:53:32 AMApr 18
to Wazuh | Mailing List
You have the option to generate daily reports for specific events by following the suggestion provided earlier, which involves adding the configuration in the wazuh-manager. Refer to this link for detailed instructions: Wazuh Documentation - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/reports.html

If you wish to receive daily reports for security event (image 1) modules automatically, you have two options. First, you can create visualizations or dashboards https://documentation.wazuh.com/current/user-manual/wazuh-dashboard/creating-custom-dashboards.html. Alternatively, you can navigate to the Discover channel (Image 2), apply the necessary filter, save the search, and then configure the daily report through the Wazuh web interface. To do this, follow these steps (Image 3):
Select Reporting under the opensearch Plugin > Create a Report definition > Choose a saved visualization, dashboard, or saved search > Set the schedule according to your requirements.
Click on "Create," and this will generate the report definition.

Screenshot_14.png
Screenshot_15.png



Screenshot_16.png

Hope this helps
Reply all
Reply to author
Forward
0 new messages