PVY.SWISS

you need to use the repository: opennix/wazuh-agent tag: 4.11.1 - works there. The Stack here is designed to go with opennix

You can do that in Network Policies. Example attached [pvy-security-wazuh-manager-master.yaml](https://github.com/user-attachments/files/23816213/pvy-security-wazuh-manager-master.yaml)

But honestly, I still have the same issue, but working with Newt Proxy

Interesting findings, and maybe some one can advise me here: kubectl exec -n wazuh pvy-security-wazuh-manager-master-0 -- grep -r "550\|553\|554" /var/ossec/etc/rules/ | head -5 Defaulted container "wazuh-manager" out of: wazuh-manager, update-index...

k3os-2883 [/etc]$ touch fim_real_host_test.txt k3os-2883 [/etc]$ kubectl exec -n wazuh pvy-security-wazuh-agent-92jqj -- ls -la /host/etc/fim_real_host_test.txt -rw-r--r-- 1 1000 1000 0 Nov 24 06:54 /host/etc/fim_real_host_test.txt k3os-2883 [/etc]$ kubectl exec -n wazuh...

Another Issue: If you kill an agent pod over kubectl, to have clean one after debugging, the new one takes the config from the Chart/ ConfigMap. Not from the dedicated...

Dedection is here, but FIM Events fails: kubectl exec -n wazuh pvy-security-wazuh-agent-mxp4p -- /bin/bash -c " echo '=== FIM IS WORKING! ===' echo 'Currently monitored paths:' tail -n 100 /var/ossec/logs/ossec.log...

Update: Since K30s is an minimal - imutable OS, it does not include and officially also not support audit.d, which is the base for File Integrity / Checksum based System...