Getting error while creating rule in “SIEM Detection and Alerting”, anyone else encounter the same issue ?
Getting the same error, did u solved it ?
When I go to run the script to get the flag it’s saying “I do not see the correct alert level for this event” otherwise I was successfully able to change the alert level. Seems like everything is correct - not sure what I’m doing wrong.
Hey there - could you post a screenshot of your edited rule in the local_rules.xml file (Part 3, Step 15)? And a screenshot of your Level 12 alert in Wazuh (Part 3, Step 19)?