Hi again and sorry for the late response,
In the last comment I posted, I showed you an example where I used manager
and agent with Wazuh version 4.1.5.
In order to replicate your issue, I need to know the Wazuh versions you are
using in the implicated manager and agents.
I have also seen
Hi,
Thank you for your detailed explanation.
I would like to discuss my scenario in detail so we could have a good
understanding on our issue.
*Case1*: I will be creating a new file(march4.txt) generating rule ID 554
and also editing an existing file(march.txt) generating rule ID 551.
This is the
Hi again,
Which Wazuh version are you using? I suppose that you are using *4.1* or a
previous version as from *4.2*, active response custom scripts work
differently.
I have been testing your active response configuration and scripts are
being executed properly, as you said.
As you can see in
Hi,
We are using AlienVault Version: OSSIM 5.7.4
For scripts we are referring to : https://github.com/jonschipp/nsm-tools/
The script is getting executed but we are not receiving FILENAME parameter
when RULE ID 554 is getting triggered.
Thanks in advance.
On Thu, Mar 3, 2022 at 5:45 PM Manuel
