All results for 'search'

Showing 12 of 92 results

Managing multiple Wazuh clusters with Cross-Cluster Search

...Admin v7 Will connect to 192.168.186.60:9200 ... done Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" OpenSearch Version: 2.10.0 Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ... Clustername: ccs-cluster Clusterstate: GREEN Number of...

Searching for alerts using the Wazuh app for Kibana

...event. Getting to know the search bar The app provides a search bar, available on almost every tab from the “Overview” and “Agents” sections. This is the main component that...

Extending Wazuh detection with OpenSearch integration

...and OpenSearch. OpenSearch is an open source search and analytics engine that provides a platform for managing and visualizing security data. Integrating Wazuh and OpenSearch allows you to combine the...

Why does Wazuh need an Elasticsearch template?

...Even if you have inserted the template properly, Logstash tries to create indices by sending data to Elasticsearch. If Logstash sent data before the template was inserted, then Elasticsearch creates...

Setting up Elasticsearch time-based indices

When you use Wazuh’s default configuration for the Elastic Stack (by following the installation guide) alerts are indexed in elasticsearch with the following naming convention: wazuh-alerts-3.x-YYYY.MM.dd This means you are...

Extending Wazuh detection with new integration methods for Splunk, OpenSearch, and Elastic Stack

...Logstash as a data forwarder to ingest events from indices on the Wazuh indexer and send them to: Elastic Stack OpenSearch Splunk. It requires you to install Logstash on a...

Monitoring AWS Managed Microsoft Active Directory with Wazuh

...in the search bar. Select IAM. 2. Select Roles > Create roles. 3. Select EC2 under Service or use case field. Then click Next. 4. Search for the policy AmazonSSMDirectoryServiceAccess....

Filtering security data with the Wazuh Query Language

...following steps to construct a WQL query for searching Wazuh agents. 1. Navigate to the Agents section on your Wazuh dashboard. 2. Run the query below on the WQL search...

Detecting vulnerabilities in container images using Amazon ECR and Wazuh

...wazuh-user with an Access key and a Secret access key on AWS. 1. Navigate to the AWS portal and search for iam in the search bar. Select the IAM service...

Wazuh integration with Amazon Security Lake as a custom source

...search, and select S3 in the select a source search field. 12. Choose the S3 bucket you created earlier under the Bucket field. For this blogpost the name of the...

Threat Hunting

...capabilities facilitate quick search and identification of potential issues and the root cause of security incidents. MITRE ATT&CK mapping Wazuh maps events in your environment with tactics, techniques, and procedures...

Extending Wazuh detection with Splunk integration

...for the wazuh-alerts Splunk index as follows. 1. Go to Search & Reporting. 2. Enter index="wazuh-alerts" and run the search. The Wazuh events indexed in the Splunk indexer will be...

All results for 'search'

No results for 'search'