Reintroduce Cloud Security module #8043

@asteriscos

Description

Reintroduce a functional Cloud Security module adapting the visualizations to the available fields in Wazuh 5.0.0. The Cloud Security module has the following index-patterns available:

  • wazuh-events-v5-cloud-services*
  • wazuh-events-v5-cloud-services-aws*
  • wazuh-events-v5-cloud-services-azure*
  • wazuh-events-v5-cloud-services-gcp*

Tasks

  1. Base all dashboards on raw events (findings to be aligned later).
  2. Identify and document the primary identifier field for each cloud source/section.
  3. Implement or adapt decoders for (if needed):
    • GitHub
    • Docker
    • Office 365
  4. Ensure future compatibility so that findings can later reuse the same fields.

Metadata

  • Assignees: No one assigned
  • Projects: Status: Triage
  • Milestone: No milestone
  • Relationships: None yet
  • Development: No branches or pull requests