Wazuh - max-gallagher/SEC-350 GitHub Wiki

Installation

-Run curl -sO https://packages.wazuh.com/4.3/wazuh-install.sh && sudo bash ./wazuh-install.sh -a

-Once installation is complete, it will give you the username and password needed to log in to the server

Group Creation

-To create a group in the web interface, open the dropdown menu, click Management, and then under Administration click Groups

-Click Add new group and give your group a name

Agent Creation

-Open the dropdown menu and click Agents

-Click Deploy new agent and select your desired settings for it.

For the lab, we selected Red Hat/CentOS, CentOS6 or Higher, x86_64, 172.16.200.10, and assigned the agent to the linux group.

-Then run the command it gives you on the agent machine

sudo WAZUH_MANAGER='172.16.200.10' WAZUH_AGENT_GROUP='Linux' yum install https://packages.wazuh.com/4.x/yum/wazuh-agent-4.3.10-1.x86_64.rpm

-Start the agent with sudo systemctl daemon-reload, sudo systemctl enable wazuh-agent, and sudo systemctl start wazuh-agent
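
A post-enrollment check for the agent steps above, written for this page as an added example (it is not part of the original wiki or of Wazuh itself). It assumes the default agent paths under /var/ossec and the lab manager address 172.16.200.10; the script name check-agent.sh and the --check switch are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: confirm the agent is pointed at the lab manager, enrolled, and connected.
# Paths default to the standard Wazuh agent locations; pass other paths to check copies.
EXPECTED_MANAGER='172.16.200.10'   # manager address used in this lab

# Print the manager address configured in ossec.conf (<client><server><address>).
configured_manager() {
  local conf="${1:-/var/ossec/etc/ossec.conf}"
  sed -n 's:.*<address>\(.*\)</address>.*:\1:p' "$conf" | head -n 1
}

# Print the status recorded by wazuh-agentd: connected, pending or disconnected.
agent_status() {
  local state="${1:-/var/ossec/var/run/wazuh-agentd.state}"
  sed -n "s/^status='\(.*\)'\$/\1/p" "$state" | head -n 1
}

# Return 0 only if the manager address matches, a key is present, and status is connected.
check_agent() {
  local conf="${1:-/var/ossec/etc/ossec.conf}"
  local state="${2:-/var/ossec/var/run/wazuh-agentd.state}"
  local keys="${3:-/var/ossec/etc/client.keys}"
  local mgr status rc=0
  mgr=$(configured_manager "$conf")
  status=$(agent_status "$state")
  if [ "$mgr" != "$EXPECTED_MANAGER" ]; then
    echo "FAIL: manager is '${mgr:-unset}', expected '$EXPECTED_MANAGER'"; rc=1
  fi
  if [ ! -s "$keys" ]; then
    echo "FAIL: $keys is missing or empty (agent has no enrollment key)"; rc=1
  fi
  if [ "$status" != "connected" ]; then
    echo "FAIL: agent status is '${status:-unknown}'"; rc=1
  fi
  if [ "$rc" -eq 0 ]; then
    echo "OK: agent enrolled and connected to $mgr"
  fi
  return "$rc"
}

# Run against the live agent only when asked: sudo bash check-agent.sh --check
if [ "${1:-}" = "--check" ]; then
  check_agent
  exit $?
fi
```

A status of pending or disconnected after the systemctl start step usually means the agent cannot reach the manager, so check connectivity to 172.16.200.10 before re-running the installer.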