Is it possible to include this field by default on saved filters and queries? I have saved a new filter including this field then i have saved the query and selected the option to include filters, but if i refresh the field data.srcip is not included anymore. How can i include data.srcip by default?

This page summarizes the projects mentioned and recommended in the original post on /r/Wazuh
Security Wazuh Ossec Loganalyzer ElasticSearch

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • wazuh-dashboard-plugins

    Plugins for Wazuh Dashboard

    • Our recommended way to do what you want requires to build Kibana from source code. So, to change the default "Selected Fields" you must modify the "events-selected-field.js" file in the wazuh-kibana-app: https://github.com/wazuh/wazuh-kibana-app/blob/master/public/components/common/modules/events-selected-fields.js and then you have to build and re-install it

  • Wazuh

    Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

    • It was a pleasure!! If you want to open a Feature Request to the project you can do it by opening a new Issue on github: https://github.com/wazuh/wazuh/issues (clicking in the green button "New Issue").

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Help: Dashboard installation failing with "can't read etc/opensearch_dashboards.yml no such file or directory"

    1 project | /r/Wazuh | 6 Dec 2023

  • SCA module

    1 project | /r/Wazuh | 11 Aug 2023

  • Wazuh Docker Single Node. 500 error after changing admin password

    1 project | /r/Wazuh | 31 Jul 2023

  • Is there a work around for the Wazuh-agent installer issue with Debian 12?

    1 project | /r/Wazuh | 6 Jul 2023

  • No config sync when using cluster?

    1 project | /r/Wazuh | 8 Jun 2023