Hi Dan,
Sure, it is from Wazuh but as an OSSEC based platform, OSSEC users can use
the rules and decoders that have been developed for Wazuh too. In a
nutshell, the decoders and rules that are by default in Wazuh but are not
in OSSEC can be used in this tool too. The documentation regarding
On Mon, Dec 28, 2020 at 9:31 AM Yana Zaeva wrote:
>
> Hi Kyriakos,
>
> Sorry for the late response. There default JSON decoder that OSSEC uses
> (which you can find the path /var/ossec/ruleset/decoders/
> 0006-json_decoders.xml) should parse all the information present in a log.
> For example,
Hi Kyriakos,
Sorry for the late response. There default JSON decoder that OSSEC uses
(which you can find the path */var/ossec/ruleset/decoders/*
*0006-json_decoders.xml)
*should parse all the information present in a log. For example, using the
tool *ossec-logtest* which you can find in