This article highlights a little-known Wazuh dashboard behavior that can suddenly hide all past alerts when changing hostnames or migrating to a cluster, potentially causing major visibility issues.
Curated list of Wazuh resources, tools, and integrations
This post explains how the Wazuh integrator module processes alerts one at a time and how to increase throughput by using wrapper scripts or external tools for parallel execution, preventing bottlenecks when many alerts trigger integrations.
This LinkedIn post links to a French-language guide on integrating Hybrid Analysis with Wazuh, showing how these tools can work together to enhance threat detection and malware analysis workflows.
This article clarifies that while the Wazuh agent overlaps with some EDR functionalities, it is fundamentally part of a SIEM/XDR platform and not a full-featured EDR solution itself.
It explains how to configure Wazuh to extract and decode the auditd proctitle field, which is stored in hexadecimal. The article shows how to create a custom decoder and process the field so the full executed command appears in readable text.
This article explains how to build a fully automated SOAR security workflow by integrating Wazuh for threat detection, n8n for orchestration, Jira for incident tracking, and automated email alerts — so that alerts are automatically logged, tracked, and addressed.