You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
I have installed wazuh docker multi-node following this guide https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html
and I have correctly configured the alert notifications via email. However, I have a problem. I would like to keep the alerts at level 12 but receive an alert when Clamav detects a virus. If I map in the worker and master containers the file /var/ossec/ruleset/rules/0320-clam_av_rules.xml with the modified level, the rule is no longer triggered and I see nothing even in the Security Event section of the agent. If instead I follow this guide: https://documentation.wazuh.com/current/user-manual/ruleset/rules/custom.html, the rule is triggered but it remains at level 8. From the GUI I can correctly see the modified rules (in the first case) or added (in the second). How can I solve this? Can anyone help me?
Thanks in advance.
The text was updated successfully, but these errors were encountered:
Hello,
I have installed wazuh docker multi-node following this guide https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html
and I have correctly configured the alert notifications via email. However, I have a problem. I would like to keep the alerts at level 12 but receive an alert when Clamav detects a virus. If I map in the worker and master containers the file /var/ossec/ruleset/rules/0320-clam_av_rules.xml with the modified level, the rule is no longer triggered and I see nothing even in the Security Event section of the agent. If instead I follow this guide: https://documentation.wazuh.com/current/user-manual/ruleset/rules/custom.html, the rule is triggered but it remains at level 8. From the GUI I can correctly see the modified rules (in the first case) or added (in the second). How can I solve this? Can anyone help me?
Thanks in advance.
The text was updated successfully, but these errors were encountered: