Configuration file¶

pattern¶

Default index pattern to use on the app. If there’s no valid index patterns on Elasticsearch, the app will automatically create one with the name indicated in this option.

timeout¶

Defines the maximum time the app will wait for an API response when making requests to it. It will be ignored if the value is set under 1500 milliseconds.

api.selector¶

Defines if the user is allowed to change the selected API directly from the Wazuh app top menu.

ip.selector¶

Defines if the user is allowed to change the selected index pattern directly from the top menu bar.

ip.ignore¶

Disable certain index pattern names from being available in index pattern selector from the Wazuh app. An empty list (the default value) won’t ignore any valid index pattern.

xpack.rbac.enabled¶

Enable or disable X-Pack RBAC security capabilities when using the app.

admin¶

Enable or disable administrator requests to the Wazuh API when using the app. This makes PUT, POST and DELETE requests available on the Dev tools tab.

logs.level¶

Set the logging level for the Wazuh App log files.

hideManagerAlerts¶

Hide the manager’s alerts in the dashboard visualizations.

wazuh.monitoring.enabled¶

Enable or disable the wazuh-monitoring index creation and/or visualization:

• When the value is set to true, the app will show the Agents status visualization and will insert monitoring-related data.
• When the value is set to false, the app won’t show the visualization and won’t insert monitoring-related data.
• When the value is set to worker, the app will show the visualization, but won’t insert monitoring-related data.

wazuh.monitoring.frequency¶

Define in seconds the frequency of API requests to get the state of the agents to create a new document in the wazuh-monitoring index with this data.

wazuh.monitoring.pattern¶

Default Wazuh monitoring index pattern to use for the app. This setting does not remove any existing patterns or templates, it just updates the app to add the new ones.

wazuh.monitoring.creation¶

Configure wazuh-monitoring-3.x-* indices custom creation interval.

checks.pattern¶

Enable or disable the index pattern health check when opening the app.

checks.template¶

Enable or disable the template health check when opening the app.

checks.api¶

Enable or disable the API health check when opening the app.

checks.setup¶

Enable or disable the setup health check when opening the app.

checks.fields¶

Enable or disable the known fields health check when opening the app.

extensions.pci¶

Enable or disable the PCI DSS tab on Overview and Agents.

extensions.gdpr¶

Enable or disable the GDPR tab on Overview and Agents.

extensions.audit¶

Enable or disable the Audit tab on Overview and Agents.

extensions.oscap¶

Enable or disable the Open SCAP tab on Overview and Agents.

extensions.ciscat¶

Enable or disable the CIS-CAT tab on Overview and Agents.

extensions.aws¶

Enable or disable the Amazon (AWS) tab on Overview and Agents.

extensions.virustotal¶

Enable or disable the VirusTotal tab on Overview and Agents.

extensions.osquery¶

Enable or disable the Osquery tab on Overview and Agents.

extensions.docker¶

Enable or disable the Docker listener tab on Overview and Agents.

wazuh-version.shards¶

Define the number of shards to use for the wazuh-version index.

wazuh-version.replicas¶

Define the number of replicas to use for the wazuh-version index.

wazuh.monitoring.shards¶

Define the number of shards to use for the wazuh-monitoring-3.x-* indices.

wazuh.monitoring.replicas¶

Define the number of replicas to use for the wazuh-monitoring-3.x-* indices.