This is the documentation for Wazuh 3.1. Check out the docs for the latest version of Wazuh!

ossec-reportd

ossec-reportd is a program to create reports from Wazuh alerts. It accepts alerts on stdin, and outputs a report on stderr.

Note

Since ossec-reportd outputs to stderr, some utilities like less will not work if you do not redirect the output. To do this, end the ossec-reportd with 2>&1 to redirect stderr to stdout. Following this redirect, more or less can be used with ease.

-D <dir> Chroot to <dir> .
-d Run in debug mode. This option may be repeated to increase the verbosity of the debug messages.
-f <filter> <value> Filter the results.
Allowed values group
rule
level
location
user
srcip
filename
-g <group> Group to run as (default: ossec).
-h Display the help message.
-n <string> Create a description for the report.
-r <filter> <value> Show related entries.
-s Show the alerts related to the summary.
-t Test configuration.
-u <user> User to run as (default: ossec).
-V Display the version and license information