Groups

Wazuh | Mailing List

Contact owners and managers

1–30 of 16275

Welcome to Wazuh mailing list. Our team will be happy to answer and help with all your questions.

We look forward to your feedback and contributions.

0 selected

Breathald 's, Bony V John6

11:02 PM

Extract MD5 hash from win.eventdata.hashes field into a separate field

Hi, Yes, the workaround I shared is a bit complicated, and you can reduce duplicate events by

unread,

Extract MD5 hash from win.eventdata.hashes field into a separate field

Hi, Yes, the workaround I shared is a bit complicated, and you can reduce duplicate events by

11:02 PM

Andrehens Chicfici, Jorest Brice Tankoua Njassep6

4:00 PM

Sophos XGS Decoder with optional fields

Hi Chic Check this latest decoder i worked on , it covers the fields you mentionned. In case you need

unread,

Sophos XGS Decoder with optional fields

Hi Chic Check this latest decoder i worked on , it covers the fields you mentionned. In case you need

4:00 PM

Creative Wolf (CreativeWolf), … Lucio Donda12

2:07 PM

Ubuntu 24.04 linux-image-6.8.0-90-generic Vulnerability

Hi CreativeWolf. As a wrap-up, you're trying to stop showing some vulnerabilities in the

unread,

Ubuntu 24.04 linux-image-6.8.0-90-generic Vulnerability

Hi CreativeWolf. As a wrap-up, you're trying to stop showing some vulnerabilities in the

2:07 PM

Paul Charran, Jorge Ardila8

10:42 AM

using read_only_root_filesystem

Jorge, I am getting the volumes that need to be r/w working. But, I am running into an interesting

unread,

using read_only_root_filesystem

Jorge, I am getting the volumes that need to be r/w working. But, I am running into an interesting

10:42 AM

10:42 AM

API Credentials not persisting

Im changing my wazuh api password by api curl -u "wazuh:newpassword" -k -X GET "https:

unread,

API Credentials not persisting

Im changing my wazuh api password by api curl -u "wazuh:newpassword" -k -X GET "https:

10:42 AM

Abdi Farhan, Jorge Eduardo Molas2

9:39 AM

Wazuh shutdown order

Hi, For a clean server restart with Wazuh 4.9, there is a recommended order based on component

unread,

Wazuh shutdown order

Hi, For a clean server restart with Wazuh 4.9, there is a recommended order based on component

9:39 AM

Shihab Hossain Shifat, musbau....@wazuh.com2

8:42 AM

Wazuh_Terraform_Setup

Hi, The reason you get this error "AxiosError: Error getting the authorization token" is

unread,

Wazuh_Terraform_Setup

Hi, The reason you get this error "AxiosError: Error getting the authorization token" is

8:42 AM

никита какдела, hasitha.u...@wazuh.com10

8:13 AM

Per_bucket monitor performance

Good afternoon! I've made some adjustments to the ctx.Alerts.0 design. I'm aggregating by

unread,

Per_bucket monitor performance

Good afternoon! I've made some adjustments to the ctx.Alerts.0 design. I'm aggregating by

8:13 AM

Chandra pal singh Chauhan, Javier Sanchez Gil10

8:01 AM

Implementing PostgreSQL Login Monitoring Use Cases in Wazuh (DAM Compliance)

Hi Chandra, The logs contain entries like the following: LOG: connection received: host=... port=...

unread,

Implementing PostgreSQL Login Monitoring Use Cases in Wazuh (DAM Compliance)

Hi Chandra, The logs contain entries like the following: LOG: connection received: host=... port=...

8:01 AM

Arsal Javed Butt, Nicolas Alejandro Bertoldo2

7:47 AM

Issue while limiting the agent autoconnection

Hi Arsal, Could you share your <key_request> configuration and the script you are using? Please

unread,

Issue while limiting the agent autoconnection

Hi Arsal, Could you share your <key_request> configuration and the script you are using? Please

7:47 AM

Facu Basgall, Carlos Ezequiel Bordon5

7:42 AM

Problem with Wazuh API manager

It is an AIO architecture Attachment command results El martes, 3 de febrero de 2026 a las 9:29:12

unread,

Problem with Wazuh API manager

It is an AIO architecture Attachment command results El martes, 3 de febrero de 2026 a las 9:29:12

7:42 AM

Aamir Sohail, … Ali Zaib5

7:12 AM

vulnerability events

Try Check by selecting explorer agent On Mon, Feb 2, 2026, 2:48 PM Aamir Sohail <rana.prince0508@

unread,

vulnerability events

Try Check by selecting explorer agent On Mon, Feb 2, 2026, 2:48 PM Aamir Sohail <rana.prince0508@

7:12 AM

Brenno Garcia, Jorge Eduardo Silva Jackson3

7:12 AM

Grafana Wazuh API

I'm trying to collect active agents by API its self hosted docker single node Em segunda-feira, 2

unread,

Grafana Wazuh API

I'm trying to collect active agents by API its self hosted docker single node Em segunda-feira, 2

7:12 AM

Muhammad Ali Khan, Stuti Gupta3

6:22 AM

Custom Rule Guide

Thanx dear , understood but the issue is that there is a specific time window during which a known

unread,

Custom Rule Guide

Thanx dear , understood but the issue is that there is a specific time window during which a known

6:22 AM

Andrehens Chicfici, Cedrick Foko5

5:54 AM

Vulnerability Scanner triggering hundreds of false positives at the same tim

Hey, Cedrick! Thanks, will try that! cheers chic Cedrick Foko schrieb am Donnerstag, 29. Januar 2026

unread,

Vulnerability Scanner triggering hundreds of false positives at the same tim

Hey, Cedrick! Thanks, will try that! cheers chic Cedrick Foko schrieb am Donnerstag, 29. Januar 2026

5:54 AM

Suvadip Ghosh, diego....@wazuh.com9

2:56 AM

AWS RDS-PGSQL Integration with wazuh for monitoring DAM

Hello Suvadip, I've created new decoders for the logs you sent me. Please replace the decoders

unread,

AWS RDS-PGSQL Integration with wazuh for monitoring DAM

Hello Suvadip, I've created new decoders for the logs you sent me. Please replace the decoders

2:56 AM

1:23 AM

CSV export limitation

Hello team, while downloading csv reports, only 10k lines are exporting and the alerts or data is in

unread,

CSV export limitation

Hello team, while downloading csv reports, only 10k lines are exporting and the alerts or data is in

1:23 AM

Gokul Suresh, Himanshu Sharma4

12:37 AM

Virustotal integration errors in ossec.log

Hi Himanshu, Sorry for the delay. These are the logs in /var/ossec/logs/integration.log /tmp/

unread,

Virustotal integration errors in ossec.log

Hi Himanshu, Sorry for the delay. These are the logs in /var/ossec/logs/integration.log /tmp/

12:37 AM

Facu Basgall, Luis Enrique Chico Capistrano19

Feb 2

Help with a rule

Hi Facu, We should probably review the event triggering rule 60204. Could you share the raw event so

unread,

Help with a rule

Hi Facu, We should probably review the event triggering rule 60204. Could you share the raw event so

Feb 2

Tengku Arya Saputra, Olamilekan Abdullateef Ajani4

Feb 2

kubelet error [7415] very disruptive docker

Hello , The reason your rule did not work is because, from what you shared, you used if_matched_sid

unread,

kubelet error [7415] very disruptive docker

Hello , The reason your rule did not work is because, from what you shared, you used if_matched_sid

Feb 2

M G, tomas....@wazuh.com3

Feb 2

Hi, I'd like to clarify a point from my previous response. Since srcip is a static (built-in)

unread,

Hi, I'd like to clarify a point from my previous response. Since srcip is a static (built-in)

Feb 2

Tengku Arya Saputra, John E10

Feb 2

False Postive webshell detection

Hi Tengku, The issue you are facing are noise coming from docker, kube8, containerd. You can suppress

unread,

False Postive webshell detection

Hi Tengku, The issue you are facing are noise coming from docker, kube8, containerd. You can suppress

Feb 2

Akshay, hasitha.u...@wazuh.com3

Feb 2

Wazuh Fortigate Integration

Hi Akshay, First of all, verify the FortiGate alerts are generating on the alerts.json file: /var/

unread,

Wazuh Fortigate Integration

Hi Akshay, First of all, verify the FortiGate alerts are generating on the alerts.json file: /var/

Feb 2

doc dodo, John Adewale Olatunde13

Feb 2

AD control cinfiguration with SCA

Thanks!! It's really works! вторник, 27 января 2026 г. в 15:40:05 UTC+3, John Adewale Olatunde:

unread,

AD control cinfiguration with SCA

Thanks!! It's really works! вторник, 27 января 2026 г. в 15:40:05 UTC+3, John Adewale Olatunde:

Feb 2

Tengku Arya Saputra, Bony V John5

Feb 2

Adding the required fields

Hi, Apologies for the late response. For monitoring network-level attacks, you can consider

unread,

Adding the required fields

Hi, Apologies for the late response. For monitoring network-level attacks, you can consider

Feb 2

Yazid, Richmond Aribibia Fimie13

Feb 1

Wazuh / Symentec Integration

Hello @Richmond, Apologies for the delayed response, and thank you for your reply. Please find below

unread,

Wazuh / Symentec Integration

Hello @Richmond, Apologies for the delayed response, and thank you for your reply. Please find below

Feb 1

Xavier Mertens, Marcos Darío Buslaiman5

Jan 31

Kunai JSON events not ingested?

Hi Marcos, It works! Great! I also applied the same to "filebeat-7.10.2-wazuh-archives-pipeline

unread,

Kunai JSON events not ingested?

Hi Marcos, It works! Great! I also applied the same to "filebeat-7.10.2-wazuh-archives-pipeline

Jan 31

никита какдела

Jan 30

wazuh-cluster.log

Hello, i have ERRORS in my wazuh-cluster.log [2026-01-30T14:11:17378][ERROR][oonct

unread,

wazuh-cluster.log

Hello, i have ERRORS in my wazuh-cluster.log [2026-01-30T14:11:17378][ERROR][oonct

Jan 30

Veera, Pablo Ariel Gonzalez18

Jan 30

fim.db management

Veera: Thanks for the detailed explanation of both cases. When should FIM events be expected after a

unread,

fim.db management

Veera: Thanks for the detailed explanation of both cases. When should FIM events be expected after a

Jan 30

Andrehens Chicfici, diego....@wazuh.com4

Jan 30

Local_rules.xml XML-Validator/Validation Tool

Hello, Glad to help! I tried this validator and it seemed to work -> https://www.liquid-

unread,

Local_rules.xml XML-Validator/Validation Tool

Hello, Glad to help! I tried this validator and it seemed to work -> https://www.liquid-

Jan 30

Search

Clear search

Close search

Google apps

Main menu