Stack Overflow
Stack Overflow

Questions tagged [wazuh]

93 questions
0
votes
1 answer

Wazuh agent when ran from AWS [Ec2] userdata doesn't work correctly

Wazuh agent fim module is not working when wazuh-agent service is started in the user data script. The service starts and there's nothing wierd in ossec logs but nothing shows up in the dashboard. Fim starts working after I ssh into the instance and…
smaricevic
  • 3
  • 2
0
votes
1 answer

Installing SSL Certificates for Wazuh-Dashboard

Is it possible to have Wazuh Manager served through custom SSL certificates? The wazuh-certs-tool gives you a self cert, and every other way to get it served through SSL has failed. The closest I've gotten to getting this to work is I've had the…
Jonathan
  • 1,135
  • 1
  • 10
  • 15
0
votes
1 answer

Failed to start kibana service. Error: Cannot find module '@kbn/apm-config-loader'

I am working on Kibana and Elasticsearch. I was creating my own plugin following different tutorials but still hang on this work. During the creation of plugin through kibana-plugin-generator I have installed many other things to generate plugin…
ahsan yazdani
  • 60
  • 7
0
votes
1 answer

I'm creating a wazuh decoder to detect usb on client windows machine, I have received logs in archives.log but not generate alerts events

I have received logs in archives and tested them in wazuh-logtest. It runs fine but it gives nothing in alerts.log, how can I test the decoder that it working fine and generating events and alerts on wazuh dashboard? here is my decoder
Muhammad Faizan
  • 1
0
votes
2 answers

how can i active wazuh agent on windows , the manager is on an Ubuntu virtual machine

i open VB with Ubuntu 22.04.1 LTS. and install wazuh all in one. after i log in to the elastic and add agent the problem start. It doesn't matter if I try to do it on another machine on my Windows or on a friend's Windows with a private network, it…
Hanan Sabag
  • 29
  • 2
  • 8
0
votes
1 answer

conflicting packages - not installing wazuh-agent

I want to add an agent in wazuh, but I'm having problems. dpkg: regarding ./wazuh-agent-4.3.6.deb containing wazuh-agent: wazuh-agent conflicts with wazuh-manager wazuh-manager (version 4.3.6-1) is present and installed. dpkg: error processing…
Meow
  • 3
  • 5
0
votes
2 answers

Wazuh active response with VirusTotal is not working

Wanted to integrate with VirusTotal and Yara but it seems like active response doesn't work as expected by following the steps in the link…
doremi666
  • 121
  • 3
  • 15
0
votes
1 answer

Integrate Wazuh with Yara failed

I configured agent.conf with the following: no
doremi666
  • 121
  • 3
  • 15
0
votes
2 answers

gpg: no valid OpenPGP data found while adding Wazuh repository

I'm trying to add the Wazuh repository to download the official Wazuh packages as instructed in their documentation page in an Ubuntu VM. When I run the command specified in their documentation page: sudo curl -s…
flyingfishcattle
  • 1,817
  • 3
  • 14
  • 25
0
votes
3 answers

Wazuh Quickstart Erroring on wazuh-indexer install

I am just finding wazuh and wanted to test it out. I have tried the step by step and the scripted. Cannot get it to work. So I am consolidating my deployment to just 1 VM and am trying to run the quickstart to get going. When I try to install I get…
chrisbrdn
  • 1
  • 1
  • 1
0
votes
1 answer

Wazuh syscheck agent SQL error on centos7: FIM is not working

I havd wazuh v3.13.3 installed on centos 7. syscheck module configuration: no 43200
Andrii Petrenko
  • 163
  • 3
  • 6
0
votes
1 answer

Wazuh Index settings

Hello everybody I hope you all doing well. I have an issue with Wazuh indexes. Alerts from agents coming to manager wazuh, I set in every configuration to use index filebeat-* and its kind of working. In Kibana web I can see that every day is…
RobertD
  • 1
  • 2
0
votes
1 answer

Wazuh Kibana Active Directory

I have installed wazuh manager server, with elasticsearch and kibana. I can access to kibana web with no-login for now. And now I want to set it to access wazuh with AD access for whole company. It is possible to do that on free version or do I…
RobertD
  • 1
  • 2
0
votes
1 answer

Wazuh Plugin for kibana 7.17.x version

I'm trying to install wazuh on kibana. But i found proble where my kibana version is not compatible with wazuh latest version (7.14.x) based on this repo https://github.com/wazuh/wazuh-kibana-app. Is there wazuh plugin for kibana 7.17.2 version?
Wahyu Riski
  • 11
  • 1
0
votes
1 answer

Kibana Alerts aknowlidge-store-delete

Could you please help me with alerts in Kibana coming from Wazuh as FIM? I am successfully getting alerts from wazuh agents and showing it in Agent events. But I am able only to check the alert. There is no button to aknowledge or delete seen…
RobertD
  • 1
  • 2
1 2 3
4
5 6 7