Running PowerShell Commands on a Wodle in Wazuh

By executing PowerShell commands through a Wazuh Wodle and formatting the results in JSON, you can streamline log processing without the need for custom decoders. This method simplifies integration: only the corresponding rules need to be defined to handle the structured output effectively.

PowerShell Command Format

The recommended format for PowerShell commands in a Wodle is:

    Powershell -c "@{ <header> = <command> } | ConvertTo-Json -compress"

<command> is the PowerShell cmdlet or one-liner script that outputs an object ...
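
The format above in use, as an added example that is not from the original page: an agent-side command wodle that reports Microsoft Defender status, and the manager-side rules that consume its JSON output. The header name defenderStatus, the tag, the interval, the chosen cmdlet and the rule ids are assumptions made for illustration.

```xml
<!-- Agent side: ossec.conf on the Windows endpoint (added example).
     The header "defenderStatus" becomes the top-level JSON key, so the
     agent emits one line such as:
     {"defenderStatus":{"RealTimeProtectionEnabled":true,"AntivirusEnabled":true}} -->
<wodle name="command">
  <disabled>no</disabled>
  <tag>defenderStatus</tag>
  <command>Powershell -c "@{ defenderStatus = Get-MpComputerStatus | Select-Object RealTimeProtectionEnabled, AntivirusEnabled } | ConvertTo-Json -compress"</command>
  <interval>10m</interval>
  <ignore_output>no</ignore_output>
  <run_on_start>yes</run_on_start>
  <timeout>0</timeout>
</wodle>

<!-- Manager side: /var/ossec/etc/rules/local_rules.xml (added example).
     No custom decoder is needed: the built-in JSON decoder exposes the
     values as defenderStatus.<property>. Rule ids are constructed. -->
<group name="defender_status,">
  <!-- Base rule: anchors on the header so only this wodle's output matches. -->
  <rule id="100500" level="0">
    <decoded_as>json</decoded_as>
    <match>^{"defenderStatus":</match>
    <description>Defender status report from command wodle.</description>
  </rule>

  <!-- Alert when real-time protection is reported as disabled. -->
  <rule id="100501" level="10">
    <if_sid>100500</if_sid>
    <field name="defenderStatus.RealTimeProtectionEnabled">false</field>
    <description>Defender real-time protection is disabled.</description>
  </rule>
</group>
```

Selecting only the needed properties with Select-Object keeps the event small and the field names stable for the rules that match on them.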