Selecting which logs to ingestOur Wazuh agent plugin supports syslog targets like we use in the rest of the product, so if an application sends its feed to syslog and registers the application name as described in our development documentation it can be selected to send to Wazuh as well.For Intrusion detection we can send the events as well using the same (eve) datafeed used in OPNsense, just mark the Intrusion detection events in the general settings.
