Reputation: 9
WAZUH server 4.2.7 not generating the logs
I setup a wazuh sever 4.2.7 but after installing that I am facing an issue regarding log because my server is not generating the logs of the last 24 hours.
Please respond as soon as possible
Upvotes: 0
Views: 1048
Answers (1)
Reputation: 3
There could be several reasons to not being able to see the alerts.
I will ask you some questions to detect where the problem could be:
1- Is the manager running? What is the output of the command sudo systemctl status wazuh-manager? Are there any errors or warnings reported?
2- Do you see any warning/errors on your /var/ossec/logs/ossec.log file?
3- Do you see any logs on your /var/ossec/logs/alerts/alerts.json file?
4- Is filebeat running? What is the output of the command sudo systemctl status filebeat? Are there any errors or warnings reported in the logs?
5- What kind of logs are not being shown? From the server itself or from an agent?
By answering these questions, we can narrow down the possible causes of the issue and find a solution to the problem.
Upvotes: 0
Related Questions
- Wazuh Agent not connecting
- Wazuh Not Detecting Nmap Port Scan Attack
- How can I use the Wazuh 4.3 API or interface to retrieve log information from the /var/ossec/logs/alerts directory?
- Wazuh indexer not installing in wazuh 4.5 and 4.6 Ubuntu Server 22.04.3
- How to see all the logs
- wazuh-logtest able to decode the mariadb log but no decoder in archive.json file for the same log
- Installing Wazuh Server in Windows Server