Remove alerts.json references and manager integrations #385

Merged
merged 4 commits into from
Sep 9, 2024

f-galland
Member

Description

This PR removes references to the old alerts.json file on the integrations' events generator as well as removing the docker compose files for manager-level integrations.

Issues Resolved

Resolves #303

Check List

  • New functionality includes testing.
    • All tests pass
  • New functionality has been documented.
    • New functionality has javadoc added
  • Failing checks are inspected and point to the corresponding known issue(s) (See: Troubleshooting Failing Builds)
  • Commits are signed per the DCO using --signoff
  • Commit changes are listed out in CHANGELOG.md file (See: Changelog)
  • Public documentation issue/PR created

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@f-galland
Member Author

  • The events generator is still running as expected
events-generator logs
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'QQ8V15EB_MAu6_iPHYYz', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 168, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Qg8V15EB_MAu6_iPMIbx', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 169, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Qw8V15EB_MAu6_iPRIaj', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 170, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'RA8V15EB_MAu6_iPWIZJ', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 171, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'RQ8V15EB_MAu6_iPa4bu', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 172, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Rg8V15EB_MAu6_iPf4ai', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 173, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Rw8V15EB_MAu6_iPk4aH', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 174, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'SA8V15EB_MAu6_iPp4Yu', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 175, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'SQ8V15EB_MAu6_iPuobX', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 176, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Sg8V15EB_MAu6_iPzoZ-', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 177, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Sw8V15EB_MAu6_iP4oYi', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 178, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'TA8V15EB_MAu6_iP9YbL', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 179, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'TQ8W15EB_MAu6_iPCYaC', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 180, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Tg8W15EB_MAu6_iPHYYy', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 181, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Tw8W15EB_MAu6_iPMIbY', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 182, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'UA8W15EB_MAu6_iPRIZ-', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 183, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'UQ8W15EB_MAu6_iPWIYz', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 184, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Ug8W15EB_MAu6_iPa4ba', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 185, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Uw8W15EB_MAu6_iPf4aO', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 186, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'VA8W15EB_MAu6_iPk4ZC', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 187, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'VQ8W15EB_MAu6_iPpoby', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 188, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Vg8W15EB_MAu6_iPuoag', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 189, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Vw8W15EB_MAu6_iPzoZW', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 190, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'WA8W15EB_MAu6_iP4oYl', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 191, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'WQ8W15EB_MAu6_iP9Yb3', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 192, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Wg8X15EB_MAu6_iPCYag', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 193, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Ww8X15EB_MAu6_iPHYZF', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 194, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'XA8X15EB_MAu6_iPMIb5', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 195, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'XQ8X15EB_MAu6_iPRIag', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 196, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Xg8X15EB_MAu6_iPWIZI', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 197, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Xw8X15EB_MAu6_iPa4bw', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 198, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'YA8X15EB_MAu6_iPf4aj', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 199, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'YQ8X15EB_MAu6_iPk4ZK', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 200, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Yg8X15EB_MAu6_iPpobw', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 201, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Yw8X15EB_MAu6_iPuoao', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 202, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ZA8X15EB_MAu6_iPzoZ4', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 203, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ZQ8X15EB_MAu6_iP4oZI', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 204, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Zg8X15EB_MAu6_iP9oYB', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 205, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'Zw8Y15EB_MAu6_iPCYao', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 206, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'aA8Y15EB_MAu6_iPHYZi', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 207, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'aQ8Y15EB_MAu6_iPMYYK', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 208, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ag8Y15EB_MAu6_iPRIaz', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 209, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'aw8Y15EB_MAu6_iPWIZl', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 210, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'bA8Y15EB_MAu6_iPbIYZ', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 211, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'bQ8Y15EB_MAu6_iPf4a-', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 212, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'bg8Y15EB_MAu6_iPk4Zn', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 213, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'bw8Y15EB_MAu6_iPp4YQ', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 214, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'cA8Y15EB_MAu6_iPuoa-', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 215, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'cQ8Y15EB_MAu6_iPzoZt', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 216, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'cg8Y15EB_MAu6_iP4oYW', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 217, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'cw8Y15EB_MAu6_iP9Ya_', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 218, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'dA8Z15EB_MAu6_iPCYZn', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 219, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'dQ8Z15EB_MAu6_iPHYYQ', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 220, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'dg8Z15EB_MAu6_iPMIa5', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 221, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'dw8Z15EB_MAu6_iPRIZp', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 222, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'eA8Z15EB_MAu6_iPWIYf', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 223, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'eQ8Z15EB_MAu6_iPa4bG', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 224, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'eg8Z15EB_MAu6_iPf4Zt', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 225, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ew8Z15EB_MAu6_iPk4YV', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 226, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'fA8Z15EB_MAu6_iPpoa-', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 227, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'fQ8Z15EB_MAu6_iPuoZw', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 228, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'fg8Z15EB_MAu6_iPzoYg', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 229, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'fw8Z15EB_MAu6_iP4YbJ', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 230, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'gA8Z15EB_MAu6_iP9YZw', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 231, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'gQ8a15EB_MAu6_iPCYYZ', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 232, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'gg8a15EB_MAu6_iPHIbB', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 233, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'gw8a15EB_MAu6_iPMIZ1', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 234, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'hA8a15EB_MAu6_iPRIYg', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 235, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'hQ8a15EB_MAu6_iPV4bG', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 236, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'hg8a15EB_MAu6_iPa4Zt', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 237, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'hw8a15EB_MAu6_iPf4YV', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 238, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'iA8a15EB_MAu6_iPkobp', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 239, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'iQ8a15EB_MAu6_iPpoac', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 240, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ig8a15EB_MAu6_iPuoZE', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 241, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'iw8a15EB_MAu6_iPzYbo', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 242, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'jA8a15EB_MAu6_iP4Yaa', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 243, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'jQ8a15EB_MAu6_iP9YZI', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 244, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'jg8b15EB_MAu6_iPCIb9', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 245, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'jw8b15EB_MAu6_iPHIa1', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 246, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'kA8b15EB_MAu6_iPMIZq', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 247, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'kQ8b15EB_MAu6_iPRIYg', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 248, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'kg8b15EB_MAu6_iPV4bE', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 249, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'kw8b15EB_MAu6_iPa4Zo', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 250, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'lA8b15EB_MAu6_iPf4Y6', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 251, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'lQ8b15EB_MAu6_iPkobi', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 252, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'lg8b15EB_MAu6_iPpoax', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 253, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'lw8b15EB_MAu6_iPuoZq', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 254, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'mA8b15EB_MAu6_iPzoYT', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 255, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'mQ8b15EB_MAu6_iP4YbM', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 256, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'mg8b15EB_MAu6_iP9YZ_', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 257, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'mw8c15EB_MAu6_iPCYYo', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 258, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'nA8c15EB_MAu6_iPHIbR', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 259, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'nQ8c15EB_MAu6_iPMIZ4', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 260, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ng8c15EB_MAu6_iPRIYf', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 261, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'nw8c15EB_MAu6_iPV4bF', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 262, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'oA8c15EB_MAu6_iPa4Z2', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 263, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'oQ8c15EB_MAu6_iPf4Yd', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 264, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'og8c15EB_MAu6_iPkobE', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 265, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ow8c15EB_MAu6_iPpoZ-', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 266, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'pA8c15EB_MAu6_iPuoY0', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 267, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'pQ8c15EB_MAu6_iPzYb-', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 268, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'pg8c15EB_MAu6_iP4Yaz', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 269, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'pw8c15EB_MAu6_iP9YZd', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 270, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'qA8d15EB_MAu6_iPCYYr', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 271, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'qQ8d15EB_MAu6_iPHIbe', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 272, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'qg8d15EB_MAu6_iPMIaS', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 273, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'qw8d15EB_MAu6_iPRIY5', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 274, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'rA8d15EB_MAu6_iPV4bi', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 275, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'rQ8d15EB_MAu6_iPa4aO', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 276, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'rg8d15EB_MAu6_iPf4Y3', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 277, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'rw8d15EB_MAu6_iPkobb', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 278, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'sA8d15EB_MAu6_iPpoaA', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 279, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'sQ8d15EB_MAu6_iPuoYl', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 280, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'sg8d15EB_MAu6_iPzYbP', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 281, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'sw8d15EB_MAu6_iP4YZz', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 282, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'tA8d15EB_MAu6_iP9YYi', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 283, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'tQ8e15EB_MAu6_iPCIbL', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 284, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'tg8e15EB_MAu6_iPHIZw', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 285, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'tw8e15EB_MAu6_iPMIYj', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 286, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'uA8e15EB_MAu6_iPQ4bN', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 287, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'uQ8e15EB_MAu6_iPV4Z2', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 288, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ug8e15EB_MAu6_iPa4Ym', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 289, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'uw8e15EB_MAu6_iPfobM', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 290, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'vA8e15EB_MAu6_iPkoZz', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 291, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'vQ8e15EB_MAu6_iPpoYa', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 292, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'vg8e15EB_MAu6_iPuYbB', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 293, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'vw8e15EB_MAu6_iPzYZn', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 294, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'wA8e15EB_MAu6_iP4YYb', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 295, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'wQ8e15EB_MAu6_iP9IbE', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 296, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'wg8f15EB_MAu6_iPCIZn', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 297, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'ww8f15EB_MAu6_iPHIYO', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 298, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'xA8f15EB_MAu6_iPL4bV', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 299, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'xQ8f15EB_MAu6_iPQ4Z7', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 300, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'xg8f15EB_MAu6_iPV4Yf', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 301, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'xw8f15EB_MAu6_iPaobG', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 302, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'yA8f15EB_MAu6_iPfoZt', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 303, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'yQ8f15EB_MAu6_iPkoYV', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 304, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'yg8f15EB_MAu6_iPpYbI', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 305, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'yw8f15EB_MAu6_iPuYZ9', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 306, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'zA8f15EB_MAu6_iPzYYm', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 307, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'zQ8f15EB_MAu6_iP4IbR', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 308, '_primary_term': 1}
{'_index': 'wazuh-alerts-4.x-sample', '_id': 'zg8f15EB_MAu6_iP9IZ5', '_version': 1, 'result': 'created', '_shards': {'total': 2, 'successful': 1, 'failed': 0}, '_seq_no': 309, '_primary_term': 1}

@f-galland f-galland marked this pull request as ready for review September 9, 2024 14:15
@f-galland f-galland requested a review from a team as a code owner September 9, 2024 14:15
@f-galland f-galland linked an issue Sep 9, 2024 that may be closed by this pull request
@AlexRuiz7 AlexRuiz7 left a comment

There are references to ossec still:

22 results - 4 files

wazuh-indexer/integrations/docker/manager-elastic.yml:
   13:       - alerts:/var/ossec/logs/alerts/
   48:       - alerts:/var/ossec/logs/alerts/
  114:       - alerts:/var/ossec/logs/alerts/

wazuh-indexer/integrations/docker/manager-opensearch.yml:
   13:       - alerts:/var/ossec/logs/alerts/
   48:       - alerts:/var/ossec/logs/alerts/
  115:       - alerts:/var/ossec/logs/alerts/

wazuh-indexer/integrations/docker/manager-splunk.yml:
   13:       - alerts:/var/ossec/logs/alerts/
   48:       - alerts:/var/ossec/logs/alerts/
  115:       - alerts:/var/ossec/logs/alerts/

wazuh-indexer/integrations/tools/events-generator/wazuh-alerts/alerts.json:
  1051: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 550, "level": 7, "status": "enabled", "details": {"category": "wazuh", "decoded_as": "syscheck_integrity_changed"}, "pci_dss": ["11.5"], "gpg13": ["4.11"], "gdpr": ["II_5.1.f"], "hipaa": ["164.312.c.1", "164.312.c.2"], "nist_800_53": ["SI.7"], "tsc": ["PI1.4", "PI1.5", "CC6.1", "CC6.8", "CC7.2", "CC7.3"], "mitre": {"tactic": ["Impact"], "id": ["T1492"], "technique": ["Stored Data Manipulation"]}, "groups": ["syscheck", "wazuh"], "description": "Integrity checksum changed."}, "agent": {"id": "005", "name": "Centos", "ip": "197.17.1.4"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "/var/log/auth.log"}
  1070: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 504, "level": 3, "status": "enabled", "details": {"if_sid": "500", "match": "Agent disconnected"}, "pci_dss": ["10.6.1", "10.2.6"], "gpg13": ["10.1"], "gdpr": ["IV_35.7.d"], "hipaa": ["164.312.b"], "nist_800_53": ["AU.6", "AU.14", "AU.5"], "tsc": ["CC7.2", "CC7.3", "CC6.8"], "mitre": {"tactic": ["Defense Evasion"], "id": ["T1089"], "technique": ["Disabling Security Tools"]}, "groups": ["wazuh"], "description": "Ossec agent disconnected."}, "agent": {"id": "007", "name": "Debian", "ip": "24.273.97.14"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "/var/log/auth.log"}
  1082: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 592, "level": 8, "status": "enabled", "details": {"if_sid": "500", "match": "^ossec: File size reduced"}, "pci_dss": ["10.5.2", "11.4"], "gpg13": ["10.1"], "gdpr": ["IV_35.7.d"], "hipaa": ["164.312.b"], "nist_800_53": ["AU.9", "SI.4"], "tsc": ["CC6.1", "CC7.2", "CC7.3", "CC6.8"], "mitre": {"tactic": ["Impact"], "id": ["T1492"], "technique": ["Stored Data Manipulation"]}, "groups": ["attacks", "wazuh"], "description": "Log file size reduced."}, "agent": {"id": "006", "name": "Windows", "ip": "207.45.34.78"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "EventChannel"}
  1085: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 553, "level": 7, "status": "enabled", "details": {"category": "wazuh", "decoded_as": "syscheck_deleted"}, "pci_dss": ["11.5"], "gpg13": ["4.11"], "gdpr": ["II_5.1.f"], "hipaa": ["164.312.c.1", "164.312.c.2"], "nist_800_53": ["SI.7"], "tsc": ["PI1.4", "PI1.5", "CC6.1", "CC6.8", "CC7.2", "CC7.3"], "mitre": {"tactic": ["Defense Evasion", "Impact"], "id": ["T1107", "T1485"], "technique": ["File Deletion", "Data Destruction"]}, "groups": ["syscheck", "wazuh"], "description": "File deleted."}, "agent": {"id": "006", "name": "Windows", "ip": "207.45.34.78"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "EventChannel"}
  1086: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 505, "level": 3, "status": "enabled", "details": {"if_sid": "500", "match": "Agent removed"}, "pci_dss": ["10.6.1", "10.2.6"], "gpg13": ["10.1"], "gdpr": ["IV_35.7.d"], "hipaa": ["164.312.b"], "nist_800_53": ["AU.6", "AU.14", "AU.5"], "tsc": ["CC7.2", "CC7.3", "CC6.8"], "mitre": {"tactic": ["Defense Evasion"], "id": ["T1089"], "technique": ["Disabling Security Tools"]}, "groups": ["wazuh"], "description": "Ossec agent removed."}, "agent": {"id": "007", "name": "Debian", "ip": "24.273.97.14"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "/var/log/secure"}
  1089: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 518, "level": 9, "status": "enabled", "details": {"if_sid": "514", "match": "Adware|Spyware"}, "gpg13": ["4.2"], "gdpr": ["IV_35.7.d"], "mitre": {"tactic": ["Lateral Movement"], "id": ["T1017"], "technique": ["Application Deployment Software"]}, "groups": ["rootcheck", "wazuh"], "description": "Windows Adware/Spyware application found."}, "agent": {"id": "005", "name": "Centos", "ip": "197.17.1.4"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "/var/log/auth.log"}
  1090: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 597, "level": 5, "status": "enabled", "details": {"category": "wazuh", "if_sid": "553", "hostname": "syscheck-registry"}, "pci_dss": ["11.5"], "gpg13": ["4.13"], "gdpr": ["II_5.1.f"], "hipaa": ["164.312.c.1", "164.312.c.2"], "nist_800_53": ["SI.7"], "tsc": ["PI1.4", "PI1.5", "CC6.1", "CC6.8", "CC7.2", "CC7.3"], "mitre": {"tactic": ["Defense Evasion", "Impact"], "id": ["T1107", "T1485"], "technique": ["File Deletion", "Data Destruction"]}, "groups": ["syscheck", "wazuh"], "description": "Registry Entry Deleted."}, "agent": {"id": "005", "name": "Centos", "ip": "197.17.1.4"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "/var/log/secure"}
  1123: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 594, "level": 5, "status": "enabled", "details": {"category": "wazuh", "if_sid": "550", "hostname": "syscheck-registry"}, "pci_dss": ["11.5"], "gpg13": ["4.13"], "gdpr": ["II_5.1.f"], "hipaa": ["164.312.c.1", "164.312.c.2"], "nist_800_53": ["SI.7"], "tsc": ["PI1.4", "PI1.5", "CC6.1", "CC6.8", "CC7.2", "CC7.3"], "mitre": {"tactic": ["Impact"], "id": ["T1492"], "technique": ["Stored Data Manipulation"]}, "groups": ["syscheck", "wazuh"], "description": "Registry Integrity Checksum Changed"}, "agent": {"id": "001", "name": "RHEL7", "ip": "187.54.247.68"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "/var/log/auth.log"}
  1130: {"timestamp": "{timestamp}", "@timestamp": "{timestamp}", "rule": {"filename": "0015-ossec_rules.xml", "relative_dirname": "ruleset/rules", "id": 593, "level": 9, "status": "enabled", "details": {"if_sid": "500", "match": "^ossec: Event log cleared"}, "pci_dss": ["10.5.2"], "gpg13": ["10.1"], "gdpr": ["II_5.1.f", "IV_35.7.d"], "hipaa": ["164.312.b"], "nist_800_53": ["AU.9"], "tsc": ["CC6.1", "CC7.2", "CC7.3"], "mitre": {"tactic": ["Defense Evasion"], "id": ["T1070"], "technique": ["Indicator Removal on Host"]}, "groups": ["logs_cleared", "wazuh"], "description": "Microsoft Event log cleared."}, "agent": {"id": "003", "name": "ip-10-0-0-180.us-west-1.compute.internal", "ip": "10.0.0.180"}, "manager": {"name": "manager"}, "cluster": {"name": "wazuh"}, "id": "1580123327.49031", "predecoder": {}, "decoder": {}, "data": {}, "location": "EventChannel"}

In the case of the alerts.json sample file, we can rename ossec to wazuh.

@f-galland f-galland force-pushed the 303-remove-legacy-alerts-json-references branch from 43c89ae to a9341bc Compare September 9, 2024 14:47

@AlexRuiz7 AlexRuiz7 left a comment


LGTM

@AlexRuiz7 AlexRuiz7 merged commit 2735c81 into master Sep 9, 2024
5 checks passed
@AlexRuiz7 AlexRuiz7 deleted the 303-remove-legacy-alerts-json-references branch September 9, 2024 14:52

Successfully merging this pull request may close these issues.

Review Indexer repository for legacy modules