Wazuh | Mailing List

Did you make any customizations to wazuh-templates.json? In that case, could you please share it with

Hi, I see from your config that you're monitoring every single file from all of your NFS

Hello, You can create your own custom dashboard in the Wazuh dashboard. The process starts with

Hi Veera, There is no specific Wazuh documentation focused on File Integrity Monitoring

the custom decoder is working ( i did a mistake the logs are in type RFC 3164 with newline delimiter

The discrepancy between IT Hygiene, which shows Rocky Linux 9.6, and the Endpoints section, which

Hello, to continue troubleshooting, could you please share the complete log of the agent that's

To add, you could also utilize the following statistics options to show real-time information about

Hello, After reading this article: https://www.yoshee08.com/installing-wazuhs-ms-graph-api-

Hi Jose, can you check it? Let me know. Regards German El lunes, 29 de diciembre de 2025 a las 16:58:

Hi Paul, Thanks for your last reply. For future communications, please also include the group wazuh@

Hello Leo, I'm going to close this thread because you've already opened the same question on

Karlo, I couldn't thank you enough. Removing <groups> resolved the issue. Perhaps you could

Hi Bony, Thank you very much for the detailed recommendations. Actually, we have already implemented

Hello! Thanks for sharing the outputs. Based on the information provided: After manually deleting

Apologies Javier, I didn't receive any notifications you'd replied. I'll check into

Hello again, The interval value won't change the amount of data being stored, just the rate at

Hi Bitemir, Could you please share your script and the configuration you have set up so we can better

Hello Again, issue was fixed after restart these services: root@wazuh:/var/ossec/etc# /var/ossec/bin/

Hi Amin, You should use the App Role value, not the display name. regards, On Monday, January 12,

Notice: The custom rule described above can be set by either overwriting the original rule or by

Hi Muhammad Ali You need to do all these steps to resolve the storage issue. First, start by deleting

Hi, it seems the problem could be difficult to debug if this is not reproducible in a consistent way.

You can upgrade your agent's to get the updated policies after the update. But please keep in

Hi Hasitha, Is there any way we can get this wazuh alert dashboard on wazuh? As the plugin you stated

Hi Jack, You can share the SCA yml policy file from the manager to the agent's endpoints and use

Hi, If you want a specific rule description when the location field value is /var/prod-prod, you need

Hello jackma...@gmail.com Yes, this approach is valid and it fits well with Wazuh capabilities.

Hi Scope the correlation to the agent/location by adding <same_location /> to each “high usage”

Hi Brenno, The recommended approach to create data visualizations for alert data is to use the Custom