Wazuh - eitan-j/tech-journal GitHub Wiki

Install Wazuh

  • curl -sO https://packages.wazuh.com/4.5/wazuh-install.sh
    • Replace 4.5 with the latest version
  • sudo bash ./wazuh-install.sh -a -i
    • -a to install Wazuh server, indexer, and dashboard
    • -i to ignore system requirements
    • Write down the password
  • Connect using a browser to https://<wazuh-server-ip>:443

Create new group

  • Click ^ > Management > Groups
  • Click Add new group
    • Name the group

Create new agent

  • Click ^ > Agents > Deploy new agent
  • Choose OS and arch of agent server
  • Enter Wazuh server IP
  • Leave name blank to use hostname
  • Add to group (optional)
  • Copy install command and run on agent server
  • Copy systemd commands and run on agent server