Could you tell me what version of Wazuh you are using? In previous versions of Wazuh, the bug reported in issue #8210, with the overwrite option, was present. To avoid these problems, now, a rule with the overwrite option does not allow the if_sid, if_group or if_level options. Now, if we use overwrite with a rule that includes if_sid, if_group or if_level, we can see the following log when we restart the manager: