Report generated on 10-May-2023 at 20:18:34 by pytest-html v3.1.1
Packages | {"pluggy": "1.0.0", "pytest": "7.1.2"} |
Platform | Linux-5.15.49-linuxkit-aarch64-with-glibc2.35 |
Plugins | {"html": "3.1.1", "metadata": "2.0.4", "testinfra": "5.0.0"} |
Python | 3.10.6 |
4 tests ran in 18.28 seconds.
4 passed, 0 skipped, 0 failed, 0 errors, 0 expected failures, 0 unexpected passes

Tests | Failed | Success | XFail | Error |
---|---|---|---|---|
test_integratord/test_alerts_reading.py | 0 | 4 | 0 | 0 |
Result | Time | Test | Description | Duration | Markers | Links | Tier |
---|---|---|---|---|---|---|---|
Passed | 2023-05-10 20:18:34.624944 | test_integratord/test_alerts_reading.py::test_integratord_change_json_inode[cannot_read_alerts_file_inode_changed] | description: Check that wazuh-integratord detects a change in the inode of the alerts.json and continues reading. alerts. | 7.58 | server | 1 | |
-----------------------------Captured stderr setup------------------------------
2023-05-10 20:18:16,384 - wazuh_testing - DEBUG - Set local_internal_option to {'integrator.debug': '2', 'analysisd.debug': '1', 'monitord.rotate_log': '0'}
2023-05-10 20:18:16,390 - wazuh_testing - DEBUG - Restarting wazuh-integratord
2023-05-10 20:18:16,395 - wazuh_testing - DEBUG - Restarting wazuh-db
2023-05-10 20:18:16,399 - wazuh_testing - DEBUG - Restarting wazuh-analysisd
ruleset/rules/0680-checkpoint-smart1_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0935-cloudflare-waf_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0075-cisco-ios_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0830-sysmon_id_11.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0630-nextcloud_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0300-postgresql_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0601-win-vipre_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0635-owlh-zeek_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0450-mongodb_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0190-ms_ftpd_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0330-sysmon_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0350-amazon_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0990-amazon-security-lake_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0125-symantec-ws_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0925-eset-remote_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0485-cylance_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0050-ms-exchange_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0145-wordpress_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0175-proftpd_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0605-win-mcafee_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0455-docker_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0070-netscreenfw_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0425-cisco-estreamer_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0315-apparmor_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0700-paloalto_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0415-sophos_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0320-clam_av_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0515-exim_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0230-ms-se_rules.xml 2023/05/10 20:18:16 
wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0365-auditd_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0115-arpwatch_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0475-suricata_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0595-win-sysmon_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0560-docker_integration_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0395-hp_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0820-sysmon_id_7.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0800-sysmon_id_1.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0110-ms_dhcp_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0840-win_event_channel.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0270-web_appsec_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0220-msauth_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0525-openvas_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0020-syslog_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: 
Adding rule: ruleset/rules/0915-win-powershell_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0305-dropbear_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:331 at Read_Rules(): DEBUG: Reading rules folder: etc/rules 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/local_rules.xml 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:385 at Read_Rules(): DEBUG: Decoders added: 121 / excluded: 0 2023/05/10 20:18:16 wazuh-analysisd[152926] rules-config.c:386 at Read_Rules(): DEBUG: Rules added: 163 / excluded: 1 2023/05/10 20:18:16 wazuh-analysisd[152926] analysisd.c:403 at main(): DEBUG: Read configuration ... -------------------------------Captured log setup------------------------------- DEBUG wazuh_testing:conftest.py:624 Set local_internal_option to {'integrator.debug': '2', 'analysisd.debug': '1', 'monitord.rotate_log': '0'} DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-integratord DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-db DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-analysisd ----------------------------Captured stderr teardown---------------------------- 2023-05-10 20:18:23,119 - wazuh_testing - DEBUG - Stopping wazuh-integratord 2023-05-10 20:18:23,129 - wazuh_testing - DEBUG - Stopping wazuh-db 2023-05-10 20:18:23,947 - wazuh_testing - DEBUG - Stopping wazuh-analysisd -----------------------------Captured log teardown------------------------------ DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-integratord DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-db DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-analysisd | |||||||
Passed | 2023-05-10 20:18:34.625368 | test_integratord/test_alerts_reading.py::test_integratord_read_valid_alerts[read_valid_json_alert] | description: Check that when a given alert is inserted into alerts.json, integratord works as expected. In case of a valid alert, a slack integration alert is expected in the alerts.json file. | 3.55 | server | 1 | |
-----------------------------Captured stderr setup------------------------------ 2023-05-10 20:18:23,999 - wazuh_testing - DEBUG - Restarting wazuh-integratord 2023-05-10 20:18:24,007 - wazuh_testing - DEBUG - Restarting wazuh-db 2023-05-10 20:18:24,014 - wazuh_testing - DEBUG - Restarting wazuh-analysisd 2023/05/10 20:18:24 wazuh-analysisd[153096] debug_op.c:70 at _log(): DEBUG: Logging module auto-initialized 2023/05/10 20:18:24 wazuh-analysisd[153096] analysisd.c:374 at main(): DEBUG: Wazuh home directory: /var/ossec 2023/05/10 20:18:24 wazuh-analysisd[153096] analysisd.c:389 at main(): DEBUG: Found user/group ... 2023/05/10 20:18:24 wazuh-analysisd[153096] analysisd.c:396 at main(): DEBUG: Active response initialized ... 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:193 at Read_Rules(): DEBUG: Adding decoder dir: ruleset/decoders 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:223 at Read_Rules(): DEBUG: Adding rules dir: ruleset/rules 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:177 at Read_Rules(): DEBUG: Excluding rule: 0215-policy_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:193 at Read_Rules(): DEBUG: Adding decoder dir: etc/decoders 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:223 at Read_Rules(): DEBUG: Adding rules dir: etc/rules 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:278 at Read_Rules(): DEBUG: Reading decoders folder: ruleset/decoders
ruleset/rules/0225-mcafee_av_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0602-win-wfirewall_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0950-sysmon_id_20.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0500-owncloud_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0010-rules_config.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0210-vpn_concentrator_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0310-openbsd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0016-wazuh_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0585-win-application_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0420-freeipa_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0620-win-generic_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0520-vulnerability-detector_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0240-ids_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0055-courier_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0625-mcafee_epo_rules.xml 
2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0140-roundcube_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0185-vsftpd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0100-solaris_bsm_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0565-ms_ipsec_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0195-named_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0780-fireeye_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0165-vpopmail_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0030-postfix_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0480-qualysguard_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0550-kaspersky_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0900-firewall_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0325-opensmtpd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0860-sysmon_id_13.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0945-sysmon_id_10.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at 
Read_Rules(): DEBUG: Adding rule: ruleset/rules/0750-github_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0610-win-ms_logs_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0391-fortigate_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0130-trend-osce_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0445-identity_guard_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0625-cisco-asa_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0920-oracledb_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0105-asterisk_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0535-mariadb_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0715-freepbx_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0690-gcp_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0200-smbd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0405-rsa-auth-manager_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0440-ms_sqlserver_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0090-telnetd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0580-win-security_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0040-imapd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0290-firewalld_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0755-office365_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0540-pfsense_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0335-unbound_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0785-huawei-usg_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0160-vmpop3d_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0045-mailscanner_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0705-sophos_fw_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0640-junos_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0770-gitlab_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0615-win-ms-se_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0085-pam_rules.xml 2023/05/10 20:18:24 
wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0235-vmware_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0155-dovecot_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0470-vshell_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0275-squid_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0570-sca_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0170-ftpd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0265-php_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0600-win-wdefender_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0360-serv-u_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0205-racoon_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0250-apache_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0495-proxmox-ve_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0015-ossec_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0680-checkpoint-smart1_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0935-cloudflare-waf_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0075-cisco-ios_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0830-sysmon_id_11.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0630-nextcloud_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0300-postgresql_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0601-win-vipre_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0635-owlh-zeek_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0450-mongodb_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0190-ms_ftpd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0330-sysmon_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0350-amazon_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0990-amazon-security-lake_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0125-symantec-ws_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0925-eset-remote_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0485-cylance_rules.xml 
2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0050-ms-exchange_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0145-wordpress_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0175-proftpd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0605-win-mcafee_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0455-docker_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0070-netscreenfw_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0425-cisco-estreamer_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0315-apparmor_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0700-paloalto_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0415-sophos_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0320-clam_av_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0515-exim_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0230-ms-se_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0365-auditd_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at 
Read_Rules(): DEBUG: Adding rule: ruleset/rules/0115-arpwatch_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0475-suricata_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0595-win-sysmon_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0560-docker_integration_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0395-hp_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0820-sysmon_id_7.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0800-sysmon_id_1.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0110-ms_dhcp_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0840-win_event_channel.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0270-web_appsec_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0220-msauth_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0525-openvas_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0020-syslog_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0915-win-powershell_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0305-dropbear_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:331 at Read_Rules(): DEBUG: Reading rules folder: etc/rules 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/local_rules.xml 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:385 at Read_Rules(): DEBUG: Decoders added: 121 / excluded: 0 2023/05/10 20:18:24 wazuh-analysisd[153096] rules-config.c:386 at Read_Rules(): DEBUG: Rules added: 163 / excluded: 1 2023/05/10 20:18:24 wazuh-analysisd[153096] analysisd.c:403 at main(): DEBUG: Read configuration ... -------------------------------Captured log setup------------------------------- DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-integratord DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-db DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-analysisd ----------------------------Captured stderr teardown---------------------------- 2023-05-10 20:18:26,692 - wazuh_testing - DEBUG - Stopping wazuh-integratord 2023-05-10 20:18:26,700 - wazuh_testing - DEBUG - Stopping wazuh-db 2023-05-10 20:18:27,507 - wazuh_testing - DEBUG - Stopping wazuh-analysisd -----------------------------Captured log teardown------------------------------ DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-integratord DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-db DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-analysisd | |||||||
Passed | 2023-05-10 20:18:34.625650 | test_integratord/test_alerts_reading.py::test_integratord_read_invalid_alerts[read_invalid_json_alert] | description: Check that when a given alert is inserted into alerts.json, integratord works as expected. If the alert is invalid, broken, or overlong, a message will appear in the ossec.log file. | 3.52 | server | 1 | |
-----------------------------Captured stderr setup------------------------------ 2023-05-10 20:18:27,565 - wazuh_testing - DEBUG - Restarting wazuh-integratord 2023-05-10 20:18:27,573 - wazuh_testing - DEBUG - Restarting wazuh-db 2023-05-10 20:18:27,580 - wazuh_testing - DEBUG - Restarting wazuh-analysisd 2023/05/10 20:18:27 wazuh-analysisd[153237] debug_op.c:70 at _log(): DEBUG: Logging module auto-initialized 2023/05/10 20:18:27 wazuh-analysisd[153237] analysisd.c:374 at main(): DEBUG: Wazuh home directory: /var/ossec 2023/05/10 20:18:27 wazuh-analysisd[153237] analysisd.c:389 at main(): DEBUG: Found user/group ... 2023/05/10 20:18:27 wazuh-analysisd[153237] analysisd.c:396 at main(): DEBUG: Active response initialized ... 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:193 at Read_Rules(): DEBUG: Adding decoder dir: ruleset/decoders 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:223 at Read_Rules(): DEBUG: Adding rules dir: ruleset/rules 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:177 at Read_Rules(): DEBUG: Excluding rule: 0215-policy_rules.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:193 at Read_Rules(): DEBUG: Adding decoder dir: etc/decoders 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:223 at Read_Rules(): DEBUG: Adding rules dir: etc/rules 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:278 at Read_Rules(): DEBUG: Reading decoders folder: ruleset/decoders 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0155-named_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0510-sophos_fw_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0040-auditd_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding 
decoder: ruleset/decoders/0150-mysql_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0110-ftpd_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0295-sonicwall_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0090-dragon-nids_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0445-exim_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0580-macos_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0260-rsa-auth-manager_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0025-apache_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0410-docker_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0145-mailscanner_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0120-horde_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0055-cimserver_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0130-imapd_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0235-puppet_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] 
rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0015-aix-ipsec_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0475-mcafee_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0215-portsentry_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0385-wordpress_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0555-fireeye_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0085-dovecot_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0305-squid_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0430-cylance_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0007-wazuh-api_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0005-wazuh_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0360-vmware_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0280-serv-u_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0140-kernel_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: 
ruleset/decoders/0095-dropbear_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0520-msexchange-log-decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0135-imperva_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0345-unbound_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0315-su_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0065-cisco-ios_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0505-paloalto_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0275-sendmail_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0415-jenkins_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0075-clamav_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0390-zeus_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0060-cisco-estreamer_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0160-netscaler_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0240-pure-ftpd_decoders.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] 
rules-config.c:331 at Read_Rules(): DEBUG: Reading rules folder: etc/rules 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/local_rules.xml 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:385 at Read_Rules(): DEBUG: Decoders added: 121 / excluded: 0 2023/05/10 20:18:27 wazuh-analysisd[153237] rules-config.c:386 at Read_Rules(): DEBUG: Rules added: 163 / excluded: 1 2023/05/10 20:18:27 wazuh-analysisd[153237] analysisd.c:403 at main(): DEBUG: Read configuration ... -------------------------------Captured log setup------------------------------- DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-integratord DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-db DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-analysisd ----------------------------Captured stderr teardown---------------------------- 2023-05-10 20:18:30,270 - wazuh_testing - DEBUG - Stopping wazuh-integratord 2023-05-10 20:18:30,280 - wazuh_testing - DEBUG - Stopping wazuh-db 2023-05-10 20:18:31,049 - wazuh_testing - DEBUG - Stopping wazuh-analysisd -----------------------------Captured log teardown------------------------------ DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-integratord DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-db DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-analysisd | |||||||
Passed | 2023-05-10 20:18:34.625897 | test_integratord/test_alerts_reading.py::test_integratord_read_invalid_alerts[read_overlong_json_alert] | description: Check that when a given alert is inserted into alerts.json, integratord works as expected. If the alert is invalid, broken, or overlong, a message will appear in the ossec.log file. | 3.52 | server | 1 | |
-----------------------------Captured stderr setup------------------------------ 2023-05-10 20:18:31,104 - wazuh_testing - DEBUG - Restarting wazuh-integratord 2023-05-10 20:18:31,113 - wazuh_testing - DEBUG - Restarting wazuh-db 2023-05-10 20:18:31,119 - wazuh_testing - DEBUG - Restarting wazuh-analysisd 2023/05/10 20:18:31 wazuh-analysisd[153354] debug_op.c:70 at _log(): DEBUG: Logging module auto-initialized 2023/05/10 20:18:31 wazuh-analysisd[153354] analysisd.c:374 at main(): DEBUG: Wazuh home directory: /var/ossec 2023/05/10 20:18:31 wazuh-analysisd[153354] analysisd.c:389 at main(): DEBUG: Found user/group ... 2023/05/10 20:18:31 wazuh-analysisd[153354] analysisd.c:396 at main(): DEBUG: Active response initialized ... 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:193 at Read_Rules(): DEBUG: Adding decoder dir: ruleset/decoders 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:223 at Read_Rules(): DEBUG: Adding rules dir: ruleset/rules 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:177 at Read_Rules(): DEBUG: Excluding rule: 0215-policy_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:193 at Read_Rules(): DEBUG: Adding decoder dir: etc/decoders 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:223 at Read_Rules(): DEBUG: Adding rules dir: etc/rules 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:278 at Read_Rules(): DEBUG: Reading decoders folder: ruleset/decoders 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: 
ruleset/decoders/0095-dropbear_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0520-msexchange-log-decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0135-imperva_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0345-unbound_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0315-su_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0065-cisco-ios_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0505-paloalto_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0275-sendmail_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0415-jenkins_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0075-clamav_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0390-zeus_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0060-cisco-estreamer_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0160-netscaler_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0240-pure-ftpd_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] 
rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0063-pix_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0102-fortimail_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0245-racoon_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0050-checkpoint_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0378-mariadb_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0300-sophos_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0495-freepbs_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0425-qualysguard_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0205-pam_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0006-json_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0010-active-response_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0355-vm-pop3_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0575-eset-remote_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: 
ruleset/decoders/0100-fortigate_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0365-vpopmail_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0080-courier_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0250-redis_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0550-arbor_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0435-owncloud_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0450-openvas_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0485-nextcloud_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0335-telnet_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0465-azure_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0340-trend-osce_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0350-unix_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0325-suhosin_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0105-freeipa_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] 
rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0540-gitlab_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0062-cisco-ftd_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0380-windows_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0270-samba_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0180-openbsd_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0230-proftpd_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0375-web-accesslog_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0190-openvpn_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0175-ntpd_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0064-cisco-asa_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0125-hp_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0310-ssh_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0101-fortiddos_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0455-pfsense_decoders.xml 
2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0200-ossec_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0285-snort_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0525-f5_bigip_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0560-oracledb_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0070-cisco-vpn_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0290-solaris_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0490-junos_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0440-proxmox-ve_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0165-netscreen_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0195-oscap_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0035-asterisk_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0370-vsftpd_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0480-perdition_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding 
decoder: ruleset/decoders/0051-checkpoint-smart1_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0420-vshell_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0030-arpwatch_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0565-aws-eks-authenticator_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0045-barracuda_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0470-panda-paps_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0225-postgresql_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0320-sudo_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0220-postfix_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0330-symantec_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0379-dpkg_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0460-kaspersky_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0255-roundcube_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0185-openldap_decoders.xml 2023/05/10 
20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0115-grandstream_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0400-identity_guard_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0395-sqlserver_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0377-huawei-usg_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0170-nginx_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0405-mongodb_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0265-rshd_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: ruleset/decoders/0103-fortiauth_decoders.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:278 at Read_Rules(): DEBUG: Reading decoders folder: etc/decoders 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:318 at Read_Rules(): DEBUG: Adding decoder: etc/decoders/local_decoder.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:331 at Read_Rules(): DEBUG: Reading rules folder: ruleset/rules 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0505-vuls_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0017-wazuh-api_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0905-cisco-ftd_rules.xml 2023/05/10 20:18:31 
wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0870-sysmon_id_8.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0400-openvpn_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0375-usb_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0530-mysql_audit_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0545-osquery_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0260-nginx_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0695-f5_bigip_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0280-attack_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0285-systemd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0393-fortiauth_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0390-fortiddos_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0380-redis_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0120-symantec-av_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0340-puppet_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0392-fortimail_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0295-mysql_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0095-sshd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0025-sendmail_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0575-win-base_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0410-imperva_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0590-win-system_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0385-oscap_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0960-macos_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0850-audit_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0255-zeus_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0245-web_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0775-arbor_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0675-panda-paps_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0150-cimserver_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] 
rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0460-jenkins_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0435-ms_logs_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0510-ciscat_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0555-azure_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0080-sonicwall_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0910-ms-exchange-proxylogon_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0490-virustotal_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0065-pix_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0430-ms_wdefender_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0810-sysmon_id_3.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0035-spamd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0345-netscaler_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0135-hordeimp_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0180-pure-ftpd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0225-mcafee_av_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0602-win-wfirewall_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0950-sysmon_id_20.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0500-owncloud_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0010-rules_config.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0210-vpn_concentrator_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0310-openbsd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0016-wazuh_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0585-win-application_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0420-freeipa_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0620-win-generic_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0520-vulnerability-detector_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0240-ids_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0055-courier_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0625-mcafee_epo_rules.xml 
2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0140-roundcube_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0185-vsftpd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0100-solaris_bsm_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0565-ms_ipsec_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0195-named_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0780-fireeye_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0165-vpopmail_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0030-postfix_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0480-qualysguard_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0550-kaspersky_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0900-firewall_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0325-opensmtpd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0860-sysmon_id_13.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0945-sysmon_id_10.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at 
Read_Rules(): DEBUG: Adding rule: ruleset/rules/0750-github_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0610-win-ms_logs_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0391-fortigate_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0130-trend-osce_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0445-identity_guard_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0625-cisco-asa_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0920-oracledb_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0105-asterisk_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0535-mariadb_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0715-freepbx_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0690-gcp_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0200-smbd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0405-rsa-auth-manager_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0440-ms_sqlserver_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0090-telnetd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0580-win-security_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0040-imapd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0290-firewalld_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0755-office365_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0540-pfsense_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0335-unbound_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0785-huawei-usg_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0160-vmpop3d_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0045-mailscanner_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0705-sophos_fw_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0640-junos_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0770-gitlab_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0615-win-ms-se_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0085-pam_rules.xml 2023/05/10 20:18:31 
wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0235-vmware_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0155-dovecot_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0470-vshell_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0275-squid_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0570-sca_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0170-ftpd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0265-php_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0600-win-wdefender_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0360-serv-u_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0205-racoon_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0250-apache_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0495-proxmox-ve_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0015-ossec_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0680-checkpoint-smart1_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0935-cloudflare-waf_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0075-cisco-ios_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0830-sysmon_id_11.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0630-nextcloud_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0300-postgresql_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0601-win-vipre_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0635-owlh-zeek_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0450-mongodb_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0190-ms_ftpd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0330-sysmon_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0350-amazon_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0990-amazon-security-lake_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0125-symantec-ws_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0925-eset-remote_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0485-cylance_rules.xml 
2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0050-ms-exchange_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0145-wordpress_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0175-proftpd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0605-win-mcafee_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0455-docker_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0070-netscreenfw_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0425-cisco-estreamer_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0315-apparmor_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0700-paloalto_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0415-sophos_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0320-clam_av_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0515-exim_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0230-ms-se_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0365-auditd_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at 
Read_Rules(): DEBUG: Adding rule: ruleset/rules/0115-arpwatch_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0475-suricata_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0595-win-sysmon_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0560-docker_integration_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0395-hp_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0820-sysmon_id_7.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0800-sysmon_id_1.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0110-ms_dhcp_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0840-win_event_channel.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0270-web_appsec_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0220-msauth_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0525-openvas_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0020-syslog_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: ruleset/rules/0915-win-powershell_rules.xml 2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: 
ruleset/rules/0305-dropbear_rules.xml
2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:331 at Read_Rules(): DEBUG: Reading rules folder: etc/rules
2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:371 at Read_Rules(): DEBUG: Adding rule: etc/rules/local_rules.xml
2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:385 at Read_Rules(): DEBUG: Decoders added: 121 / excluded: 0
2023/05/10 20:18:31 wazuh-analysisd[153354] rules-config.c:386 at Read_Rules(): DEBUG: Rules added: 163 / excluded: 1
2023/05/10 20:18:31 wazuh-analysisd[153354] analysisd.c:403 at main(): DEBUG: Read configuration ...
-------------------------------Captured log setup-------------------------------
DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-integratord
DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-db
DEBUG wazuh_testing:conftest.py:978 Restarting wazuh-analysisd
----------------------------Captured stderr teardown----------------------------
2023-05-10 20:18:33,847 - wazuh_testing - DEBUG - Stopping wazuh-integratord
2023-05-10 20:18:33,860 - wazuh_testing - DEBUG - Stopping wazuh-db
2023-05-10 20:18:34,583 - wazuh_testing - DEBUG - Stopping wazuh-analysisd
2023-05-10 20:18:34,622 - wazuh_testing - DEBUG - Restore local_internal_option to {}
-----------------------------Captured log teardown------------------------------
DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-integratord
DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-db
DEBUG wazuh_testing:conftest.py:998 Stopping wazuh-analysisd
DEBUG wazuh_testing:conftest.py:629 Restore local_internal_option to {} |