Wazuh Ruleset Versions Save

Wazuh - Ruleset

v4.0.4

3 years ago

There are no changes to Wazuh Ruleset in this version.

v4.0.3

3 years ago

There are no changes to Wazuh Ruleset in this version.

v4.0.2

3 years ago

There are no changes to Wazuh Ruleset in this version.

v4.0.1

3 years ago

Fixed

  • Removed duplicated Windows rules for EventChannel. (#771)

v4.0.0

3 years ago

Changed

  • Changed compliance rules groups and removed alert_by_email option by default. (#559)
  • Let the Ruleset update tool pick up the current version branch by default. (#753)

v3.13.2

3 years ago

There are no changes for Wazuh Ruleset in this version.

v3.13.1

3 years ago

There are no changes for Wazuh Ruleset in this version.

v3.13.0

3 years ago

Added

  • Added rules and decoders for macOS sshd logs (#593)
  • Added TSC/SOC compliance mapping (#613)
  • Added rules and decoders for PaloAlto logs (#658)
  • Added rules and decoder to monitor the FIM database status. (#4717)
  • Added rules for WAF. (#687)

Changed

  • Changed description of Vulnerability Detector rules (#638)
  • Changed squid decoders (#672)

Fixed

  • Fix the provider name so that Windows Eventlog logs match with the Wazuh rules. (#662)
  • Fixed static filters related to the system_name field. (#684)
  • Remove trailing whitespaces in the group name section of the ruleset. Thanks to Kevin Branch (@branchnetconsulting). (#667)
  • Remove invalid zeroes from rules id. Thanks to @lucanus81. (#691)

v3.12.3

4 years ago

There are no changes for Wazuh Ruleset in this version.

v3.12.2

4 years ago

There are no changes for Wazuh Ruleset in this version.