I'm running wazuh on 4.3 (latest version) and I'm worried about the following situation: lets say i have syscheck configured to run at 5am. some ...
I'm running wazuh on 4.3 (latest version) and I'm worried about the following situation: lets say i have syscheck configured to run at 5am. some ...
I'm trying to add the Wazuh repository to download the official Wazuh packages as instructed in their documentation page in an Ubuntu VM. When I run ...
I have installed the OSSEC server in a public instance and the OSSEC agent in a private instance on AWS in the same VPC. I have successfully installed ...
I am trying to parse a log as shown below with a child decoder in wazuh 4.x, for some reason its not parsing the needed field Log entry Child Deco ...
I have an issue with capturing exchange logs from a customer production environment. The logs exist in a set of directories, and are labeled such as: ...
I am evaluating (vanilla) OSSEC+ (not Wazuh). If I understand the documentation correctly, all the rule-specific configuration has to be done on the s ...
I am running Wazuh 4.1.5 and installing only the Wazuh manager on a Debian 10 box. Starting Wazuh leads to the error message And that is it. Is the ...
I am currently running ossec 3.6 in local mode and forwarding data to Splunk. I cannot seem to find something similar in wazuh - am I missing somethin ...
I added a new agent on the Manager server using ossec-authd method which registers an agent IP on the manager server without interactive prompt input. ...
I want to automate the process of registering the OSSEC agent IP on the OSSEC manager server. I have explored many links and articles about it but eve ...
so we've created an autoscaling group with an ami of our own, that ami have a server and an automated ossec service that reports to slack channel, the ...
I have given a Wazuh manager IP and user name and password. I installed the wazuh agent on my laptop but it is connected to the Manager IP. it is not ...
I am trying to analyze MySQL error logs that are generated on my OSSEC agent and raise alerts using OSSEC server. here is the code block added to /va ...
I am using OSSEC for HIDS. I have created a custom decoder and extracted fields from the log like srcip, dstip and protocol. Here is the log tested ...
The question is more about architecture to choose then coding per se. I have my app deployed on AWS ECS (cluster made of ec2 instances running contain ...
I have two questions. My Immediate problem is WAZUH-AGENT never connects to WAZUH-MANAGER A. That makes me think, While installing Wazuh Manager, wh ...
Can OSSEC be used to check files which on inside a docker. From what I have read OSSEC can only monitor file integrity of the Host machine. ...
I'm trying to overwrite a rule as per documentation, like this https://documentation.wazuh.com/3.12/learning-wazuh/replace-stock-rule.html So I've c ...
I want to run ossec Windows Agent service(ossec win32ui.exe) automatically by powershell. Like the ossec-control in ossec Linux agent. Is there some w ...
I am getting started with OSSEC and i want to configure windows agent. I have followed the documentation and this. My server is a VM ubuntu and I want ...