Automate Your Wazuh Alert Enhancement Process
Introduction
While building a multitenant SOC architecture using Wazuh and OpenSearch, I quickly ran into a critical issue:
Wazuh alerts do not include the agent group(s) by default.
In a setup where each client is represented by a group of agents,...
secops.hashnode.dev · 3 min read