Wazuh | Mailing List

Hi, I love Wazuh Please allow me some time. I'm working on this and will get back to you with an

Hi Mani, This is not an expected behavior. This error seems to be related with an incomplete parsing

Hi Kuna, It seems to me you are working with Suricata and talking about Suricata eve,json log. I

Hi, Apologies for the late response. By following the Mapping with Wazuh section in the Wazuh

Hi, I think we misunderstood each other. I thought you meant whether we had restarted the agents

Hi, When the Wazuh Manager service fails to start, the first step is to check the Wazuh Manager ossec

IDK why, but i think wazuh can't decode program_name correctly in my case. **Phase 1: Completed

Dear Nicolai, Here please take a look. Note that I have intentionally shortened some of the outputs,

Hi, Lets say if I just put MISP and abuseipdb on Wazuh and iris on shuffle will it be able to match

Hello , i am currently getting following issue

Juanjose, contents of securityadmin.sh: #!/bin/bash SCRIPT_PATH="${BASH_SOURCE[0]}" if ! [

Hello Dev, For a distributed instance, the Wazuh indexer users are meant to be changed on the wazuh

Hello Sow, So I ran a test on the log with the rule you shared, and there was a match. Please see

Hi, Index API error: ============== The error {"error":"no handler found for uri [/cat

Hello, Error 409, typically means conflict, it is an HTTP status code indicating that a request could

The Vulnerability Detection (VD) module generates alerts when new vulnerabilities are found or

Hi, I have tested this on my end and found that it is a common issue. As a workaround, you can follow

The data from the field data.win.eventdata.processName is a complete string, so it cannot be split.

Hi Alfian, For this, you can check this blog. https://wazuh.com/blog/enhancing-incident-response-with

Hi, Apologies for the late reply. Logs: Session started {"EventDetails": [{"OldValue

I've tested this setting for a few days now and it works. Usually <email_alert_level>12<

Yes, you can open a bug report by opening an issue in the GitHub repository. https://github.com/wazuh

Hi, Based on the log you shared, I have updated your decoder, and it's now working correctly.

Hi hrn.km.a...@gmail.com, Could you please share your issue in a new post so that we can assist

I have shared a resposne to your other post on this topic. Please check. https://groups.google.com/g/

Hi Alfian, The file /var/ossec/etc/rules/local_rules.xml. is for adding custom rules. Check this

I forgot the file. Here it is On Sunday, November 9, 2025 at 8:07:10 PM UTC+8 hasitha.upekshitha@

The indexer connector error indicates that the indexer connector responsible for the vulnerability

And I install it on VMware , on Ubuntu OS Vào lúc 19:43:49 UTC+7 ngày Thứ Tư, 5 tháng 11, 2025,

Hi Jorge, I wanted to know if there is any updates regarding this issue? On Saturday, August 23, 2025