Wazuh | Mailing List

Hello jackma...@gmail.com Yes, this approach is valid and it fits well with Wazuh capabilities.

Hello! Thanks for the detailed explanation. Manually deleting data under /var/lib/wazuh-indexer can

Hi Scope the correlation to the agent/location by adding <same_location /> to each “high usage”

Hi Brenno, The recommended approach to create data visualizations for alert data is to use the Custom

Hi Muhammad, I will forward your question to the Indexer team and get back to you as soon as possible

I want to create logs with a specific description. For example, I want all logs that have the

Thanks a lot! I will try that out. One more question. In the role mapping yaml, do I need to specify

Hello Chi Bùi Quỳnh To add: I have the same exact setup for over 1 year now with double the VMs you

Hello, The configuration shared looks good and the fact that there is no error or warning is a good a

Hi Mohand, this is the official documentation for backup/restore: https://documentation.wazuh.com/

please guide me on this, what i do On Mon, Jan 12, 2026 at 3:06 PM Muhammad Ali Khan <alikhan09111

Hi Bony, We are still waiting for your support to complete the YARA integration.Please let us know

Hi, Thankyou for the suggestions, currently the replicas are already set to 0. I have deleted

Hi Nazmur, Any updates? Let me know Best, John On Friday, January 2, 2026 at 2:21:02 PM UTC+4 john

everything look like this but still no vulnerability is showing <vulnerability-detection> <

This issue could be related to the operating system. While AlmaLinux is officially supported for the

Hello, I figured out the problem. On worker node wazuh-analysisd not running... Apparently, the agent

Hi Rahul, Your configuration appears to be correct, as outlined here: To check if log duplication is

Thanks, Himanshu. This helped a lot. As a follow-up to the above questions (sorry to piggyback on the

Hello! This issue appears to be related to an incompatibility between the version of glibc used in

Hi Henry, Apologies for the delayed response, Could you please share the sample logs from the zyxel

Hi Paul. Thanks for the information shared via DM. Based on your current configuration, the following

Hi DIWAHAR, Thanks for your patience. I have replicated the issue. The CDB list fails because of the

Hey Robby, Hi, I have recently setup the wazuh and normally in any siem there will be a tab of alerts

Hello Brenno, First you need to identify where the login alerts are coming from so you can make

It is not possible to make the same report. But you can make a similar custom dashboard for Threat

Thanks for the details . No more assistance required. On Monday, January 5, 2026 at 3:16:34 PM UTC+5:

Dear Tatavolu, Your GET _cluster/settings output shows a persistent cluster block and may be the

Jose Cintron 11:25 AM (Hello Nazmur Thanks for the information and the pointers to the documentation

Hi, I have already gone through the decoder file you shared, and I provided the updated decoder file