Contribute to the ruleset

If you have created new rules, decoders or rootchecks and you would like to contribute to our repository, please fork our Github repository and submit a pull request.

If you are not familiar with Github, you can also share them through our mailing list, to which you can subscribe by sending an email to wazuh+subscribe@googlegroups.com. Also, do not hesitate to request new rules or rootchecks that you would like to see running in Wazuh. Our team will do our best to make it happen.

Note

In our repository you will find that most of the rules contain one or more groups called pci_dss_X. This is the PCI DSS control related to the rule. We have produced a document that can help you tag each rule with its corresponding PCI requirement: PCI tagging