Eva López Ruiz
Hello @kravietz, First of all, thank you for your contribution to the Ruleset repository. And I am sorry for such a late answer. I had approved your modification in `rules/0020-syslog_rules.xml` and...
All right, forgive the misunderstanding. I will review it and give you an answer as soon as possible. Regards, Eva
Hi @jctello, you're right. We're working on it. Best regards, Eva
Hello @candlerb First, sorry for the late answer. Thank you for your contribution to the Ruleset project. I'm going to review your PR and give you an answer shortly. Kind...
Hello, An alert can have the following fields: * rule * agent * manager * id * cluster * previous_output * srcgeoip * dstgeoip * full_log * syscheck * predecoder...
Regarding `GeoLocation` fields, to use these fields Wazuh must be compiled using the `USE_GEOIP` flag. All makefile options [here](https://documentation.wazuh.com/3.13/development/makefile.html). I forgot to mention `timestamp` and `location` fields. The `program_name` and...
Hello @jorlando-tl I've pushed some commits to resolve conflicts. It could merge in 3.10. Also, in case it's possible, I would like you to send us some Cloud Custodian logs...
Thank you so much for all. I'll take a look at the script. Regards, Eva
Hello @jorlando-tl Could you do a rebase of 3.10 so that only your modifications appear? Regards, Eva
Hello @aquerubin, First of all, thank you so much for your contribution to the Ruleset project. It's interesting that you prefer to use `\S+` instead of `\d+.\d+.\d+.\d+`. Could you send...