Search Results

This guide explains how to recover from the Windows Server Blue Screen: STOP CODE: 0xC00002E2 STATUS_DS_INIT_FAILURE This typically occurs when: ntds.dit was restored manually SYSVOL was restored manually BurFlags may have been set The server was ...

This guide documents the procedures for maintaining Wazuh agents on Ubuntu 22.04/24.04, with specific instructions for Docker monitoring and manual ID preservation. 1. Agent Version Control (Critical) Constraint: The Wazuh Manager version must always be ...

If you keep seeing “Wazuh dashboard server is not ready yet” in a loop, the Wazuh Dashboard is almost always stuck on a migration lock. This typically happens after an interrupted upgrade or restart. 🔐 Security Warning Never store real credentials in docum...

By default, Linux has a "swappiness" value of 60. Lowering this to 10 tells the kernel to avoid using the slow disk swap and prioritize the fast physical RAM, which is critical for Wazuh Indexer performance. 1 Check Current Swappiness Run th...

The "Another process is migrating" error occurs when the dashboard service is interrupted while recreating its internal indices. Follow these steps in exact order to clear the lock. 1 Stop the Dashboard Service You must stop the service to e...

The default dashboard logs are dense JSON strings. Use these filtered commands to see exactly what is happening during a migration without the "noise". 1 Filter for Migration Progress This command hides the repetitive warnings and only shows...

The Wazuh Dashboard logs are JSON-formatted, but standard journalctl prepends timestamps that break JSON parsers. Use these commands to see perfectly formatted, readable logs. 1 View Pretty-Printed JSON The -o cat flag removes the OS timesta...

When an agent shows as Disconnected, it is usually due to a service failure on the endpoint or a network/firewall block between the endpoint and the Wazuh Manager. 1 Restart Service on Hestia VM Log into the Hestia VM and restart the agent. ...