Please make an update video integrating this new version with copilot. I am having issues on the integration because of the different setting. Thanks again, you are an inspiration.
Hi! thank you for you great video! My understanding is that now Vulnerability Detection relies on Indexer. I noticed that you copied cert/key from your indexer .. while official documentation seems to refers to filebeat's cert/key. Can you please clarify this step? Thank you!
Hey Taylor, thank you so much for this video. I do have a strange question. Since Graylog replaces "." with "_" for key separators, is there a nice way to correct that for the Vulnerability Detection visualizations? When I go to Vulnerability Detection -> Events, the filters are disabled because "manager.name" isn't found in the wazuh-alerts-* index. Because FluentBit sends them to Graylog and Graylog modifies the key name to "manager_name", I'm unable to find a simple way of achieving this without using a pipeline rule to replace each underscore with a period prior to being indexed. Any advice?
Hi, i have follow each steps to upgrade but im facing facing the problem which is "indexer-connector: WARNING: IndexerConnector initialization failed for index 'wazuh-states-vulnerabilities-wazuh-stg', retrying until the connection is successful."
Good Day Friends, i have a question, is this wazuh server compatible with graylog server? which version should i try to install, and which settings / tutorial to use if i try to start SIEM? thank you
Hi. This is not a quick update or easy update. I can only imagine how the 5.X.X is going to look like. Can anyone let me know why I am not seeing the indexer block in my ossec.conf? I am on v4.7.3 and a single node install.
Where did the Home Page and Modules go? I have 2 installs of 4.8 Amzn Linux OVA installed on different VMWare boxes. One has the small House Icon and full Wazuh with a blue dot. It has homepage and access to the modules. The other only has the letter W with blue dot and no access to home page or modules. Both were installed as the Thick version. Where is module access now?
I'm sorry but how are we supposed to know how to do this on after a simple package upgrade? This just really turns me off to wazuh completely. Not to mention it just doesn't run and spits out tons of errors after upgrading now, so I probably don't even have a choice...
Already installed 4.8.0-1 server and agents! You are awesome keep up the good work
Please make an update video integrating this new version with copilot. I am having issues on the integration because of the different setting. Thanks again, you are an inspiration.
Thanks a lot , can you show to enable integrity monitoring on Server and agnet Debian ?
Hi! thank you for you great video! My understanding is that now Vulnerability Detection relies on Indexer. I noticed that you copied cert/key from your indexer .. while official documentation seems to refers to filebeat's cert/key. Can you please clarify this step? Thank you!
Hey Taylor, thank you so much for this video. I do have a strange question. Since Graylog replaces "." with "_" for key separators, is there a nice way to correct that for the Vulnerability Detection visualizations? When I go to Vulnerability Detection -> Events, the filters are disabled because "manager.name" isn't found in the wazuh-alerts-* index. Because FluentBit sends them to Graylog and Graylog modifies the key name to "manager_name", I'm unable to find a simple way of achieving this without using a pipeline rule to replace each underscore with a period prior to being indexed.
Any advice?
How about upgrade on wazuh docker version 4.6.0 to 4.8.0 ? i hope you'll make tutorial on it..
did you get it?
Hi, I am having version 4.5 and need to upgrade to 4.8. Can I follow this video ?
Hi, i have follow each steps to upgrade but im facing facing the problem which is "indexer-connector: WARNING: IndexerConnector initialization failed for index 'wazuh-states-vulnerabilities-wazuh-stg', retrying until the connection is successful."
i am facing problem into add the agent . actually , i already installed agent on my windows server but its still not showing on my wazuh
hmmm.... I can't do upgrade:
wazuh-manager is already the newest version (4.7.3-1).
ubuntu 22
Which terminal is this? :O
Thank you for the video
Termius. You're welcome ;-)
Good Day Friends, i have a question, is this wazuh server compatible with graylog server? which version should i try to install, and which settings / tutorial to use if i try to start SIEM? thank you
Interested in knowing more about this too...
Hi. This is not a quick update or easy update. I can only imagine how the 5.X.X is going to look like. Can anyone let me know why I am not seeing the indexer block in my ossec.conf? I am on v4.7.3 and a single node install.
Would upgrading to 4.9 be essentially the same? How can I do a system wide upgrade? I have AIO setup in a Proxmox container
I tried to update all at the same time but failed. The dashboard won’t come up
I retried it your way and went smooth. So thank you!
It is the same method: stop the three services, and install the three services (individually). For version 4.9.2 I had to update the repository.
Where did the Home Page and Modules go? I have 2 installs of 4.8 Amzn Linux OVA installed on different VMWare boxes. One has the small House Icon and full Wazuh with a blue dot. It has homepage and access to the modules. The other only has the letter W with blue dot and no access to home page or modules. Both were installed as the Thick version. Where is module access now?
Server Management>Settings, mostly.
did you try to create users?
Thanks from Italy
what kind of terminal do you use?
Termius is the app used for the terminal ;-)
upgrade to 4.9 please
It is the same method: stop the three services, and install the three services individually. For version 4.9.2 I had to update the repository.
Thanks a lot
I'm sorry but how are we supposed to know how to do this on after a simple package upgrade? This just really turns me off to wazuh completely. Not to mention it just doesn't run and spits out tons of errors after upgrading now, so I probably don't even have a choice...