Community & contributing
This project improves fastest when real SOC teams test it in real environments.
Good first contributions
- Add a new incident playbook (document + policy mapping)
- Improve evidence pack schema fields
- Add more Prometheus metrics or dashboards
- Extend Slack commands for common workflows
- Test on additional Linux distros and report issues
Browse issues Join discussions
What to include in bug reports
- Wazuh version and OS
- Deployment method (installer / docker-compose / systemd)
- Relevant logs and redacted configs
- Steps to reproduce
Security note: never paste API keys or production secrets in GitHub issues.
Share your deployment
If you write a public post about your deployment, link it in GitHub Discussions — it helps others copy what worked.