Ubuntu 18.04 | Wazuh Indexer, Server, and Dashboard Installation - LouisNajdek/SEC440-480 GitHub Wiki

Wazuh

Installing Wazuh using the Wazuh assistant requires you to download the following resources from Wazuh. Put them in their own directory for you to work with them in.

curl -sO https://packages.wazuh.com/4.3/wazuh-certs-tool.sh

curl -sO https://packages.wazuh.com/4.3/config.yml

Edit the Wazuh config.yml file to match the needs for your environment. In this case all attributes of the Wazuh Managing Server will be held on one system.

You will then need to generate the configuration files from that config.yml.

bash wazuh-install.sh --generate-config-files

Then, install the services with the following commands. (Substitute "node-name" for the name of your respective nodes. In my case, the dashboard node was located on the same device as everything else, and was titled "dashboard".

bash wazuh-install.sh --wazuh-indexer node-name

After creating the indexer, initialize the cluster.

bash wazuh-install.sh --start-cluster

Then install the Wazuh server bash wazuh-install.sh --wazuh-server node-name Then install the Wazuh dashboard bash wazuh-install.sh --wazuh-dashboard node-name

After you install the Wazuh dashboard, you will be able to access the credentials for Wazuh by printing them with the following command

tar -O -xvf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt

Your Wazuh dashboard can now be accessed at

https://(server_ip)