Eva López Ruiz

icon indicating a website link linkedin.com/in/eva-lópez-ruiz-a1a049183

icon location Granada icon location Software Engineer

Results 15 comments of Eva López Ruiz

How to update Wazuh ruleset with proxy ?

Hello! The update replaces the update_ruleset.py script. The following function do it: https://github.com/wazuh/wazuh-ruleset/blob/be216805001c0bd66d401b538f36e02feb59cabb/update_ruleset#L251-L318 You should modify it too. Regards, Eva

How to update Wazuh ruleset with proxy ?

Sorry, I have no idea. I'll stay this issue open to try to support it.

Remove line in Rootkit _trojans.txt to stop false positives

Hello Mark, Thanks for notifying us. We fix it as soon as possible. Regards, Eva

Ruleset update to support new Sysmon 10 capabilities

Hello team The main Sysmon rules are already created. Now you have to create rules that generate alerts. There are two options: + Create a rule for each program you...

Ruleset update to support new Sysmon 10 capabilities

Hi Paul, Thank you for your feedback. Unfortunately, it's not possible to create decoders for the eventlog format, as it only supports the main channels, system, security, and application. The...