Dear All, We are a newbie for configuring Wazuh for monitoring logs from Active Directory.We need to cature logs of Domain Controllers and we need to filter the logs according to One Particular OU or IP Range .Logs getting captured and its showing in Wazuh Dashboard and we enabled json logs all on config.But we are facing difficulty in filtering the logs and we need to send the filtered logs to secondary siem server which is possible (sys_log out put and server).But we could not figure out how to filter the logs according to OU or IP Addres range Kindly help as we need the same urgently Thanks & Regards Gopakumar
-- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/402cbb77-bcbd-4215-9d56-18c7ce04558bn%40googlegroups.com.
