Skip to content
/ wazuh-custom-rules-and-decoders Public

In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it under the terms of GPLv2. Cybersecurity is hard, so let's work together.

License

GPL-2.0 license
12 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bayusky/wazuh-custom-rules-and-decoders

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

54 Commits
active-response
active-response
 
 
audit
audit
 
 
decoders
decoders
 
 
integration
integration
 
 
rules
rules
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Wazuh Custom Decoders and Rules

This project contains custom decoders and rules for Wazuh, created by me. Some rules are based on SOC Fortress rules, and some are my own decoders and rules.

How to use

  • Put rules and decoder files under /var/ossec/etc/rules and /var/ossec/etc/decoders.
  • Put under /var/ossec/integrations for integrations script
  • Put under /var/ossec/active-response/bin/ on agent side for active response script.

Disclaimer

Feel free to use it, you can redistribute it and/or modify it under the terms of GPLv2. Cybersecurity is hard, so let's work together.

Updates

I will update rules and decoders if the projects I work on require them.

If you find my repository useful, I'm gladly accept a cup of coffee at ko-fi or trakteer

About

In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it under the terms of GPLv2. Cybersecurity is hard, so let's work together.

Resources

Readme

License

GPL-2.0 license
Activity

Stars

12 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages