Wazuh Ruleset

Wazuh ruleset is used to detect attacks, intrusions, software misuse, configuration problems, application errors, malware, rootkits, system anomalies or security policy violations.

The ruleset includes compliance mapping with PCI DSS v3.1 and CIS.

Directory structure

├── wazuh/ruleset
│ ├── sca                 # Security Configuration Assessment created/updated by Wazuh
│ ├── README.md

Full documentation

Full documentation at documentation.wazuh.com

Web references

Wazuh website
OSSEC project website