Configuration
Wazuh-Logtest is a functionality provided by the manager, whose work parameters are configured in the ossec.conf file in the section rule_test.
By default, the configuration is:
<rule_test>
<enabled>yes</enabled>
<threads>1</threads>
<max_sessions>64</max_sessions>
<session_timeout>15m</session_timeout>
</rule_test>
And it has the following configuration parameters
Parameter |
Description |
Default |
Values allowed |
---|---|---|---|
enabled |
Determine if logtet is enabled or disabled |
yes |
yes/no |
threads |
Number of Wazuh-Logtest threads |
1 |
a number between 1 and 128, or auto to create one thread per CPU |
max_sessions |
Number of users connected simultaneously |
64 |
A number between 1 and 500 |
session_timeout |
Time interval in which a client must remain offline to remove the resources associated with their session |
15m |
A positive number that should contain a suffix character indicating a time unit, such as, s (seconds), m (minutes), h (hours). The max value is 365 days |