Wazuh - How to get the filterlogs?

Started by mrmanuel, April 08, 2025, 10:04:30 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 08, 2025, 10:04:30 AM
Hello,

I'm new to Wazuh and installed it a few days ago. I see some logs from OPNsense in Wazuh but the logs from the filter are missing. I followed the instructions at https://docs.opnsense.org/manual/wazuh-agent.html but unfortunately they did not help me.

On OPNsense under "Services -> Wazuh Agent -> Settings -> Applications" I also selected filter (filterlog) and firewall (firewall).

Is there anything else needed to get the filter logs into Wazuh?
April 09, 2025, 09:44:08 PM #1
Do you have archive logs enabled in Wazuh? (wazuh-archives-* index)
April 10, 2025, 10:01:19 PM #2 Last Edit: April 10, 2025, 10:33:22 PM by mrmanuel
Thanks, that was the correct hint to find the needed steps!

Here are the required steps:

- Enabling archiving
- Visualizing the events on the dashboard
- Wazuh dashboard
Print
Go Up Pages1
User actions