Configure UFW firewall logs on Ubuntu agent to Wazuh dashboard

[OGUNDIPE OLUWABUKOLA]

Hey #community members hope you are doing good ! I have installed wazuh server (manager) via the ova file and I have configured my ubuntu server and it is reporting on the wazuh dashboard. Now I want to configure ufw firewall logs from the ubuntu agent to report to wazuh dashboard, please how can I get this done? Thanks (edited) 

[Jeff Dyke]

 First you need to get UFW logs into alerts.json.  which should only take something similar to the following, but also may need some tweakes to levels. If they make it to alerts.json, they should show up in the dashboard.

<localfile>
    <location>/var/log/ufw.log</location>
    <log_format>syslog</log_format>
</localfile>

On Tue, May 16, 2023 at 6:12 PM OGUNDIPE OLUWABUKOLA <ogund...@gmail.com> wrote:

Hey #community members hope you are doing good ! I have installed wazuh server (manager) via the ova file and I have configured my ubuntu server and it is reporting on the wazuh dashboard. Now I want to configure ufw firewall logs from the ubuntu agent to report to wazuh dashboard, please how can I get this done? Thanks (edited) 

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/7cc5b7f9-d5bf-406f-ad2d-91c2d7efee66n%40googlegroups.com.

[OGUNDIPE OLUWABUKOLA]

Hello Jeff, Thank you for the feedback. Please the alerts.json mentioned, is this a file in the UFW logs for the Ubuntu agent?

[Mario Andres Ruiz Hernandez]

Hi, please have the following instructions in consideration: https://groups.google.com/g/wazuh/c/fEh9gTlOvsQ/m/NPMy4Ac4FwAJ