Wazuh | Mailing List

Hi, In Wazuh 4.14, this is partially possible. You can create a correlation rule that fires after

Hi German, sorry for the late reply. That log error is definitely the smoking gun. It means the

The issue is likely your regex matching against a localized `sc query` output. The field label (`

Three practical points may help here: 1. A VPS with a public static IP is not a special case. For

Hello Olamilekan, Thanks you for your help. Answering your previous question about the ruletest, yes

In Wazuh v4.14.4, the architecture of the Vulnerability Detection (VD) module changed radically

Hi Emar, You could move the log storage using a bind mount. Here's an example of how to do it:

Hi, Thanks for the references! But from what I understand "Tenants" are contained

Hello Gokul I recommend you check this documentation about Virustotal integration working with FIM:

Hey folks, I'm seeing exactly this issue hundreds of times for various linux machines. All Ubuntu

Syscollector does not expose a internal command for user.groups and group.users. Users/groups

Hi Emar, It's important to note that archived events and alert rules are independent. Enabling

Glad to know the issue is resolved On Tuesday, March 17, 2026 at 8:28:19 PM UTC+5:30 Gabriel Diaz

Hi Franco Thanks for your prompt reply and help. I have got option 1 working and edited the default

The certificates have two problems: they're expired (Jan 30 2026) and their SAN only includes `

Hello, Thanks for sharing the informations. I'll apply the workaround. Br, Adrien Le mardi 17

Hi Kevin, You are correct that JSON logs do not require a custom decoder, and your observation is

Hi Emar, I am glad that the shared information helped. Let us know if you need further assistance, so

Hi Gerald, I am glad that your issue has been resolved! On Monday, March 16, 2026 at 12:38:42 PM UTC+

Hello, Apologies for the delayed response. I was away for a while. I can see from your Dev tools

He, I check over another agent and all it is working. therere are something over the test agent that

I've found that issue is related to wazuh-remoted, and particulary to 'queue/download'

Hello Aishat, Thank you for the references! Will check these out. Cheers, Max

Hi Lucas, Thank you for the detailed answer! Cheers, Max On Monday, March 9, 2026 at 9:07:51 PM UTC+8

Glad to know the issue is resolved. On Sunday, March 15, 2026 at 1:14:35 PM UTC+5:30 Dmitry Mikheev

Hi Bayu, The current status is not visible in this screenshot. It should show connected or

Hi CRiaks, Yes, you are right. Wazuh's built-in mailer, wazuh-maild, does not support

Hi mt, Yes, you are right. This is not mentioned explicitly in the documentation, but we can confirm

Yes, it is technically possible to connect Wazuh Manager and Wazuh Dashboard to OpenSearch instead of

Hello, could u give me a sample log and wazuh-logtest result? Em sexta-feira, 6 de março de 2026 às