Questions tagged [wazuh]

93 questions

votes

4 answers

Wazuh - How to change admin password for web interface

I just installed WAZUH from its OVA. The web interface is admin/admin When I click reset password from the web interface i get this error Failed to reset password. {"status":"FORBIDDEN","message":"Resource 'admin' is read-only."} enter wazug admin…

elasticsearch system-administration wazuh

asked Dec 22 '20 at 00:25

TXC

votes

1 answer

bad parameter: Link is not supported podman docker-compose

when try to run docker-compose up using podman i get this error output Creating single-node_wazuh.dashboard_1 ... error ERROR: for single-node_wazuh.dashboard_1 Cannot create container for service wazuh.dashboard: bad parameter: Link is not…

docker-compose podman wazuh

asked Aug 15 '22 at 09:22

Zaman

votes

3 answers

Wazuh Agent not connecting

I have two questions. My Immediate problem is WAZUH-AGENT never connects to WAZUH-MANAGER A. That makes me think, While installing Wazuh Manager, where do we provide WAZUH MANAGER IP? B. I registered Windows and RHEL machines as agents but none of…

ossec wazuh

asked Jun 13 '20 at 17:59

Subhajit Pathak

vote

0 answers

I want to monitor Linux processes

I am using wazuh and I want to monitor Linux processes more specifically I want to alert the start of any new process is that doable? at first i tried to make a rule in wazuh that will tell me if any program started

linux bash process wazuh

asked Mar 28 '23 at 09:46

Oumaima Berjane

vote

1 answer

Wazuh Manager ossec.conf global configuration won't update all agents

I added FIM realtime configuration in Wazuh manager ossec.conf and got it restart with command "systemctl restart wazuh-agent", I tried to add new files in both Wazuh manager server and one of the Wazuh agent servers, the FIM only detected Wazuh…

wazuh

asked Jun 20 '22 at 09:10

doremi666

vote

1 answer

How can I change all the Wazuh-Kibana-App logos my own?

I want to change all logos from Wazuh GUI that include all Kibana and Wazuh and Elastic-search logos and text's that includes there names.

elasticsearch kibana elastic-stack wazuh

asked Dec 21 '21 at 11:44

Jaf Dev

vote

1 answer

Installing Wazuh Server in Windows Server

We do have one server [Windows Server 2016] and i want to monitor that server, by installing Wazuh Tool. I saw the documentation, but still i am getting confused. Should i need to install, Wazuh Server Wazuh Agent Kibana in server.? I don't see any…

kibana wazuh

asked Dec 28 '20 at 18:25

RobinHood

2,367
11
46
73

vote

1 answer

Unable to analyse MySQL error logs in OSSEC

I am trying to analyze MySQL error logs that are generated on my OSSEC agent and raise alerts using OSSEC server. here is the code block added to /var/ossec/etc/ossec.conf on the agent side to read the error logs of MySQL from the agent: …

mysql error-log ossec wazuh

asked Sep 15 '20 at 04:33

rana bhagath chand

votes

1 answer

Wazuh ElasticSearch Bad Request "_license"

talk to server... ERROR Connection marked as failed because the onConnect callback failed: could not connect to a compatible version of Elasticsearch: 400 Bad Request: {"error":{"root_cause":[{"type":"invalid_index_name_exception","reason":"Invalid…

elasticsearch elastic-stack filebeat wazuh

asked Aug 16 '23 at 13:42

ibrahim demet

votes

0 answers

Filters in the url are ovewritten by default state of the Security events Dashboard in Wazuh Elastic

I have a table in my Opensearch Dashboard. Also, I have Dashboard in Wazuh, integrated in Elastic. Wazuh is like a security application with its built-in dashboards of different categories. I need to create an url for the table field: agent.name. It…

elasticsearch elastic-stack opensearch-dashboards wazuh

asked Aug 14 '23 at 04:55

Aigerim

votes

0 answers

Wazuh windows agent cant connect after long disconnect

My windows Wazuh agent registers properly and agent is visible. However when computer is turned off for few hours, and you boot in it , it doesnt connect to manager. I can provide logs ,debug logs if you need this information to diagnose the…

wazuh ossec

asked Aug 09 '23 at 12:36

Cahir7

votes

0 answers

Wazuh dashboard - I can't connect to web interface dashboard from another device in same network

I have wazuh indexer, server, dashboard on one device, all was installed with wazuh installer on wazuh official webpage. All is working quite well, but I can't connect to web interface of dashboard from another device in the same network. I allowed…

centos7 wazuh

asked Aug 03 '23 at 05:45

n p

votes

0 answers

Wazuh decoder not extracting data

I have an application and need to extract three different events: connect, command, disconnect. I'm trying to get a decoder to work but even if i do a * is does not get picked up. I need to extract the username, port, ip address,…

logging decoding extractor wazuh

asked Jul 29 '23 at 21:45

kloud.

votes

1 answer

I'm not able to add new agents not working: something is broken?

[![enter image description here][1]][1]On a fresh Ubuntu VPS, fresh install using docker, when trying to add a new agent, instead of "Close" option of that screen I get "Refresh" option. I then fill all the data, run the commands on the machines…

agent wazuh

asked Jul 20 '23 at 18:42

Miguel Silva

votes

1 answer

Wazuh agents keep restarting, claiming configuration changes

My setup: Wazuh manager is connecting to and configuring a few thousand agents living in k8s pods. The issue: On upgrade to 4.2.5, the agents all shutdown at very similar times during configuration, and then restart. Some of the logging is below --…

wazuh

asked Jul 10 '23 at 15:23

David Boshton

2,555
5
30
51

2 3 4 5 6 7 Next