How can I send logs to the wazuh agent

Started by bimbar, June 13, 2024, 06:18:09 PM

Previous topic - Next topic
I quote the documentation:

QuoteSelecting which logs to ingest

Our Wazuh agent plugin supports syslog targets like we use in the rest of the product, so if an application sends its feed to syslog and registers the application name as described in our development documentation it can be selected to send to Wazuh as well.

For Intrusion detection we can send the events as well using the same (eve) datafeed used in OPNsense, just mark the Intrusion detection events in the general settings.

But what does it mean?