Groups
Sign in
Groups
Wazuh | Mailing List
Conversations
About
Send feedback
Help
Wazuh | Mailing List
Contact owners and managers
1–30 of 11638
Welcome to Wazuh mailing list. Our team will be happy to answer and help with all your questions.
We look forward to your feedback and contributions.
Mark all as read
Report group
0 selected
Jorge S
,
Anthony Faruna
8
8:04 AM
Wazuh not detecting all 4769 events (TGS Request)
Hello Jorge, Apologies for the delayed response. Please can you send me the log of this event in JSON
unread,
Wazuh not detecting all 4769 events (TGS Request)
Hello Jorge, Apologies for the delayed response. Please can you send me the log of this event in JSON
8:04 AM
German DiCasas
,
Nicolas Curioni
2
3:22 AM
Trigger rule on specific mitre attack id
Hello German, There's a syntax error in the rule that you've shared, since the tag if_mitre
unread,
Trigger rule on specific mitre attack id
Hello German, There's a syntax error in the rule that you've shared, since the tag if_mitre
3:22 AM
Julio Aguilera
, …
moosemaimer
35
2:00 AM
Vulnerabilities report
I put together a script to gather SCA results, it writes output to a file in JSON format for analysis
unread,
Vulnerabilities report
I put together a script to gather SCA results, it writes output to a file in JSON format for analysis
2:00 AM
Rijn Raju
,
Diego Mendez Sakugawa
6
1:50 AM
Correlation In Wazuh
Hello Rijin, You can match two rules with a child rule using if_sid and if_matched_sid together.
unread,
Correlation In Wazuh
Hello Rijin, You can match two rules with a child rule using if_sid and if_matched_sid together.
1:50 AM
Daniel D'Angeli
,
Marcos Darío Buslaiman
2
Jun 7
AWS Cloudwatch integration error code 16
Hi Daniel, The code "16" is related to throttling. It is a Warning message that lets you
unread,
AWS Cloudwatch integration error code 16
Hi Daniel, The code "16" is related to throttling. It is a Warning message that lets you
Jun 7
meganie
, …
Yanis Halit
10
Jun 7
Alerts from alerts.json not visible in Dashboard
Hello, Is there any update about the topic ? i'm facing the same issue Thank you ! Le mardi 9
unread,
Alerts from alerts.json not visible in Dashboard
Hello, Is there any update about the topic ? i'm facing the same issue Thank you ! Le mardi 9
Jun 7
Facu Basgall
,
Matías David Mercado Aragonés
3
Jun 7
Encrypt ossec.conf?
Hi Facu, My team confirms that it's not currently possible. Wazuh is not prepared to read an
unread,
Encrypt ossec.conf?
Hi Facu, My team confirms that it's not currently possible. Wazuh is not prepared to read an
Jun 7
Guillaume Dorey
Jun 7
no rule.mitre.technique found
Hi, Following the new blog notes for multi-site implementation, we modify our index pattern to match
unread,
no rule.mitre.technique found
Hi, Following the new blog notes for multi-site implementation, we modify our index pattern to match
Jun 7
Julian Jorge
, …
Andreas
7
Jun 7
Increase the processing of alerts per minute
Hello, We have verified that the Wazuh integrator cannot handle more than one alert per second. This
unread,
Increase the processing of alerts per minute
Hello, We have verified that the Wazuh integrator cannot handle more than one alert per second. This
Jun 7
King Arthur
,
Lamya Imam
11
Jun 7
Logging from Mikrotik to Wazuh
Hi Philip, For this, You can try the following steps: Activate the 'logall' option within the
unread,
Logging from Mikrotik to Wazuh
Hi Philip, For this, You can try the following steps: Activate the 'logall' option within the
Jun 7
nguyencunq
,
Javier Bejar
2
Jun 7
Create Alert for Missing log in syslog firewall
Hi, Wazuh cannot alert based on the absence of logs by itself. You will need some external mechanism
unread,
Create Alert for Missing log in syslog firewall
Hi, Wazuh cannot alert based on the absence of logs by itself. You will need some external mechanism
Jun 7
Henry Valero
,
Sebastian Dario Bustos
4
Jun 7
no events are seen on the wazuh-dashboard
Hi Henry, Can you please provide the information about your cluster health and disk space? If you can
unread,
no events are seen on the wazuh-dashboard
Hi Henry, Can you please provide the information about your cluster health and disk space? If you can
Jun 7
Henry Valero
,
Lamya Imam
5
Jun 7
regedit log monitoring
Hi Henry! As discussed earlier, the real-time option is not available for windows_registry. Hence, it
unread,
regedit log monitoring
Hi Henry! As discussed earlier, the real-time option is not available for windows_registry. Hence, it
Jun 7
Kudret ÇAĞLAYAN
,
Eli Josue Rodriguez
4
Jun 7
How to calculate wazuh capacity?
Hello Kudret, sorry for the delay, as long as the Wazuh Server Manager (which is responsible for
unread,
How to calculate wazuh capacity?
Hello Kudret, sorry for the delay, as long as the Wazuh Server Manager (which is responsible for
Jun 7
bhuvanesh ammisetty
,
Othniel Ebolum
6
Jun 7
Two clients in same Dashboard
Hi Bhuvanesh, The blog post has been published, you can check it out Wazuh multi-site implementation
unread,
Two clients in same Dashboard
Hi Bhuvanesh, The blog post has been published, you can check it out Wazuh multi-site implementation
Jun 7
Michael White
,
Isaiah Daboh
5
Jun 7
Active Response based off of Palo Alto logs
Hello, Please go ahead and carefully implement this. You can specify the time-out in the ossec.conf
unread,
Active Response based off of Palo Alto logs
Hello, Please go ahead and carefully implement this. You can specify the time-out in the ossec.conf
Jun 7
J J Sloan
,
Stuti Gupta
4
Jun 7
Wazuh installer fails: "ERROR: The Wazuh API user wazuh does not exist"
Thanks Stuti, I've built a new machine, installed Wazuh there, and everything is fine now. Jake
unread,
Wazuh installer fails: "ERROR: The Wazuh API user wazuh does not exist"
Thanks Stuti, I've built a new machine, installed Wazuh there, and everything is fine now. Jake
Jun 7
Serhii
,
Lucas Esteban Pedrosa
5
Jun 6
Error moving shared/ar.conf
Hello, Serhii So you're still obtaining the error in 4.7.4. I upgraded a windows agent to the
unread,
Error moving shared/ar.conf
Hello, Serhii So you're still obtaining the error in 4.7.4. I upgraded a windows agent to the
Jun 6
Raj Verma
, …
Lucas Esteban Pedrosa
4
Jun 6
Wazuh - FIM Errors
Hello, Raj What I mean by it reappearing is that, after you change the limit and restart, at some
unread,
Wazuh - FIM Errors
Hello, Raj What I mean by it reappearing is that, after you change the limit and restart, at some
Jun 6
IT Umformtechnik
,
Nicolas Alejandro Bertoldo
5
Jun 6
wazuh-agent: WARNING: (6720): is too long. The maximum length is 260 characters.
Hi IT Umformtechnik, The maximum length path is a known issue: https://github.com/wazuh/wazuh/issues/
unread,
wazuh-agent: WARNING: (6720): is too long. The maximum length is 260 characters.
Hi IT Umformtechnik, The maximum length path is a known issue: https://github.com/wazuh/wazuh/issues/
Jun 6
Mika Otzen
,
Juan Marcos Sanchez Delgado
4
Jun 6
False Positives for RDP-Rule
I am glad to hear that you have fixed the problem. Regards! On Thursday, June 6, 2024 at 10:24:22 AM
unread,
False Positives for RDP-Rule
I am glad to hear that you have fixed the problem. Regards! On Thursday, June 6, 2024 at 10:24:22 AM
Jun 6
Armando Angeles
,
victor....@wazuh.com
2
Jun 6
Installation error on Sangfor HCI
Hello Armando, There are a few warnings visible in your screenshot, but it's still likely that
unread,
Installation error on Sangfor HCI
Hello Armando, There are a few warnings visible in your screenshot, but it's still likely that
Jun 6
José Honório
, …
Daniel D'Angeli
3
Jun 6
WARNING: Service: cloudwatchlogs - Returned exit code 16
Hi Seyla, i am running into the same issue on 4.7.4 Reading your response i have configured the wodle
unread,
WARNING: Service: cloudwatchlogs - Returned exit code 16
Hi Seyla, i am running into the same issue on 4.7.4 Reading your response i have configured the wodle
Jun 6
SirNerd
,
Ian Yenien Serrano
6
Jun 6
Status Code: 500, Error: Internal Server Error -- Received error after reboot
Hi MatV, Hi if you want to test that the wazuh indexer is working you can try these 2 commands if
unread,
Status Code: 500, Error: Internal Server Error -- Received error after reboot
Hi MatV, Hi if you want to test that the wazuh indexer is working you can try these 2 commands if
Jun 6
Aamir Sohail
,
Santiago Padilla Alvarez
2
Jun 6
rebranding
Hi, This has been removed in the next versions. The only option to remove it now is to make a custom
unread,
rebranding
Hi, This has been removed in the next versions. The only option to remove it now is to make a custom
Jun 6
ismailctest C
,
Enrique Araque Espinosa
2
Jun 6
Creating and setting a Wazuh read-only user
Hi, For users with read-only permissions it is normal that they can access all resources. Regarding
unread,
Creating and setting a Wazuh read-only user
Hi, For users with read-only permissions it is normal that they can access all resources. Regarding
Jun 6
Meraz Khan
,
Olusegun Adenrele Oyebo
7
Jun 6
Integration of amazon rds with wazuh
Hello Meraz, From the logs, it states that the access_key and secret_key authentication parameters
unread,
Integration of amazon rds with wazuh
Hello Meraz, From the logs, it states that the access_key and secret_key authentication parameters
Jun 6
Tri A
Jun 6
Wazuh API Limit
Hi there I've like to change the threshold of the API to allow more on the api.yaml If i
unread,
Wazuh API Limit
Hi there I've like to change the threshold of the API to allow more on the api.yaml If i
Jun 6
luo jeff
,
Santiago Padilla Alvarez
4
Jun 6
Why does the vulnerability status change to "resolved"
Hi Luo, I am glad to hear that the problem has been solved, Best regards! On Thursday, June 6, 2024
unread,
Why does the vulnerability status change to "resolved"
Hi Luo, I am glad to hear that the problem has been solved, Best regards! On Thursday, June 6, 2024
Jun 6
Mike V
,
Stuti Gupta
5
Jun 6
Events Stopped Showing Up in Dashboard
From the information provided, it is clear that the indices have not been formed recently. There is
unread,
Events Stopped Showing Up in Dashboard
From the information provided, it is clear that the indices have not been formed recently. There is
Jun 6