Describe the bug
Wazuh 4.8.0 Customer Provisioned Grafana Dashboards Incorrectly Configured with '.' instead of ''. A classic situation where Graylog is in the stack where Graylog automatically converts Wazuh fields from having a '.' to '' instead. The provisioned dashboards reference field names with '.' rather than what they need to which is '_'. Not a huge problem for one to update them as long as one understands this is the case. Would be nice if we could have this fixed in code though.
To Reproduce
Steps to reproduce the behavior:
Provision new customer
Go to customer in Grafana
Open dashboard "EDR - SYSTEM VULNERABILITIES - WAZUH 4.8 and ABOVE", as an example pick the Agents panel and inspect the json
Observe that the json for Agents panel uses agent.name when it should use agent_name.
Adjust to agent_name and see that this fixes the issue.
Expected behavior
That the dashboards load properly on Wazuh 4.8 and above.
Screenshots
You can see above here that agent.name is used instead of agent_name
Describe the bug Wazuh 4.8.0 Customer Provisioned Grafana Dashboards Incorrectly Configured with '.' instead of ''. A classic situation where Graylog is in the stack where Graylog automatically converts Wazuh fields from having a '.' to '' instead. The provisioned dashboards reference field names with '.' rather than what they need to which is '_'. Not a huge problem for one to update them as long as one understands this is the case. Would be nice if we could have this fixed in code though.
To Reproduce Steps to reproduce the behavior:
Expected behavior That the dashboards load properly on Wazuh 4.8 and above.
Screenshots