1.2 SIEM Detection and Alerting

In part 3, I am repeatedly getting an error even after restarting the lab from scratch.

I face an error while trying to execute step 17 - sudo systemctl restart wazuh-manager.service

The error is: "Job for wazuh-manager.service failed because the control process exited with error code." I did try to triage it a bit, but it didn't work. I followed all instructions, and I can't proceed with the lab till this gets fixed.

Can you provide a screenshot of your command and the result?

I will re-run the lab steps to see if I can replicate.

Okay, I just tested the lab, but could not replicate the issue. I completed Getting Started, then jumped ahead to Part 3.

My guess is that there’s an error in your edits to the /var/ossec/etc/rules/local_rules.xml file.

I tried everything. Restarted the lab. Took a break for a few days. Now I have checked the file edits character by character, but I still get this error. Let me include a screenshot of the edits and of the command and its error.

Can you help? It's the last bit and I'm not able to move forward from here.

Here’s the other image

nvm, there was an issue with the way the data was being copied and pasted. It works now. Cheers!

I think the issue was you had the new rule outside of the group tags.
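The failure mode in this thread (a rule pasted after the closing `</group>` tag, or a paste that drops a closing tag) makes `wazuh-analysisd` refuse to start, and `systemctl` only reports the generic "control process exited with error code". The real message is in `/var/ossec/logs/ossec.log` and in `journalctl -u wazuh-manager`. As an added example, not part of the thread or of Wazuh itself, the checker below reads a `local_rules.xml` and reports two things before you restart the service: whether the file still parses at all, and which `<rule>` elements are not directly inside a top-level `<group name="...">` block. Because a Wazuh rules file is a sequence of `<group>` blocks rather than a single-rooted document, the file is wrapped in a synthetic root for parsing. The three sample files, the rule id `100002` and its description are constructed for the example; `100001` and the surrounding structure follow the layout of the default `local_rules.xml`.

```python
"""Sanity-check a Wazuh local_rules.xml before restarting wazuh-manager.

Added example, not Wazuh code. Wazuh rule files are a sequence of top-level
<group name="..."> blocks with no single document root, so the text is
wrapped in a synthetic root so the standard-library parser accepts it.
"""
import sys
import xml.etree.ElementTree as ET


def check_local_rules(text: str) -> dict:
    """Return {'parse_error': str | None, 'orphan_rules': [ids], 'rule_count': n}.

    parse_error  - set when the file is not well-formed (e.g. a closing tag
                   lost in a copy/paste); orphan_rules is empty in that case.
    orphan_rules - ids of <rule> elements whose parent is not a top-level
                   <group name="..."> block (the mistake from the thread).
    """
    try:
        root = ET.fromstring("<wazuh_rules_root>" + text + "</wazuh_rules_root>")
    except ET.ParseError as exc:
        return {"parse_error": str(exc), "orphan_rules": [], "rule_count": 0}

    # ElementTree has no parent pointers; build a child -> parent map once.
    parent_of = {child: parent for parent in root.iter() for child in parent}

    orphans = []
    rule_count = 0
    for rule in root.iter("rule"):
        rule_count += 1
        parent = parent_of[rule]
        # Note: <group> also appears *inside* a rule as its tag list, so we
        # require the parent to be a named group that sits directly under
        # the (synthetic) root, i.e. a real rule container.
        in_container = (
            parent.tag == "group"
            and "name" in parent.attrib
            and parent_of.get(parent) is root
        )
        if not in_container:
            orphans.append(rule.get("id", "?"))
    return {"parse_error": None, "orphan_rules": orphans, "rule_count": rule_count}


# Constructed sample 1: the thread's mistake, a rule pasted after </group>.
BROKEN_OUTSIDE_GROUP = """
<group name="local,syslog,sshd,">
  <rule id="100001" level="5">
    <if_sid>5716</if_sid>
    <srcip>1.1.1.1</srcip>
    <description>sshd: authentication failed from IP 1.1.1.1.</description>
    <group>authentication_failed,pci_dss_10.2.4,pci_dss_10.2.5,</group>
  </rule>
</group>

<rule id="100002" level="10">
  <if_sid>5716</if_sid>
  <description>Constructed example rule pasted outside the group block.</description>
</rule>
"""

# Constructed sample 2: the same rule moved inside the group block.
FIXED = """
<group name="local,syslog,sshd,">
  <rule id="100001" level="5">
    <if_sid>5716</if_sid>
    <srcip>1.1.1.1</srcip>
    <description>sshd: authentication failed from IP 1.1.1.1.</description>
    <group>authentication_failed,pci_dss_10.2.4,pci_dss_10.2.5,</group>
  </rule>

  <rule id="100002" level="10">
    <if_sid>5716</if_sid>
    <description>Constructed example rule placed inside the group block.</description>
  </rule>
</group>
"""

# Constructed sample 3: a paste that lost the closing </rule> tag entirely.
TRUNCATED_PASTE = """
<group name="local,syslog,sshd,">
  <rule id="100001" level="5">
    <if_sid>5716</if_sid>
    <description>closing rule tag lost in a bad paste</description>
</group>
"""


def main(argv):
    path = argv[1] if len(argv) > 1 else "/var/ossec/etc/rules/local_rules.xml"
    with open(path, encoding="utf-8") as fh:
        result = check_local_rules(fh.read())
    if result["parse_error"]:
        print(f"{path}: not well-formed XML: {result['parse_error']}")
        return 2
    if result["orphan_rules"]:
        print(f"{path}: rules outside a <group name=...> block: {result['orphan_rules']}")
        return 1
    print(f"{path}: {result['rule_count']} rule(s), all inside group blocks")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python3 check_local_rules.py /var/ossec/etc/rules/local_rules.xml` before `sudo systemctl restart wazuh-manager.service`; a non-zero exit means the restart would fail. The check is deliberately narrow (well-formedness plus the group-container rule); Wazuh's own loader is the authority on rule semantics, so if this passes and the service still fails, read the error in `/var/ossec/logs/ossec.log`.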