mirror of
https://github.com/socfortress/Wazuh-Rules.git
synced 2025-10-23 08:12:16 +00:00
Create decoder-manager-logs.xml
This commit is contained in:
taylor_socfortress
committed by
GitHub
GitHub
parent
2843ef085a
commit
14f1f8dc8e
8
Manager/decoder-manager-logs.xml
Normal file
8
Manager/decoder-manager-logs.xml
Normal file
@@ -0,0 +1,8 @@
|
||||
<decoder name="wazuh-authd">
|
||||
<prematch>wazuh-authd:</prematch>
|
||||
</decoder>
|
||||
<decoder name="wazuh-authd-duplicate">
|
||||
<parent>wazuh-authd</parent>
|
||||
<regex>WARNING: Duplicate name '(\S+)', rejecting enrollment\. Agent '(\d+)' key already exists on the manager\.</regex>
|
||||
<order>duplicate_name, agent_id</order>
|
||||
</decoder>
|
||||
Reference in New Issue
Block a user