Here are some useful logs you can process in Wazuh:
Detected Viruses:
/var/log/cpfenceav/infections.history
Killed Queries:
/var/log/cpfenceav/killed_queries.history
IPDB Logs:
sudo tail -f /var/log/syslog | grep -E 'cPFence Blocked:|cPFence DDos Protection:'Owl Logs:
sudo tail -f /opt/cpfence/app/owl/tmp/logs/main_log
You’ve done a great job so far. Good luck!.
cPFence Thank you for sharing these log locations! I already have IPDB and Owl logs successfully integrated and forwarding to Wazuh. Regarding the Detected Viruses and Killed Queries - these haven't been generated on my server yet, probably because nothing suspicious was detected 
Would you mind sending some example logs to info@netzen.cz? That would help me process and test the integration properly.
I'm making good progress with the Wazuh integration overall. In about 2-3 days, I should be ready to share my configurations with everyone. Thanks again for your help, and wishing you all the best!
Due to the pre-Christmas rush, I’m running a bit late on my promised timeline. I plan to get back to this topic between the holidays. My apologies for the delay, and wishing you all a wonderful Christmas season! 
Thanks everyone - I hope to share my configuration for this setup after Christmas. I've successfully mapped UUIDs to domains, allowing me to visualize both container metrics and system metrics on a dashboard like this. While there are multiple display options available, this layout works best for me.
Looks great !
I sincerely apologize for not continuing here with the promised process. Firstly, I was waiting for the Enhance update, and secondly, to be honest, I was overwhelmed with other events. If there is interest, I can continue.
netzen Yes please!
Yes, I would be interested
Yes, interested.
Interested
Pěknou dovolenou!
