Wazuh - nicolas-tullio/Tech-Journal GitHub Wiki

Wazuh Installation

curl -sO https://packages.wazuh.com/4.3/wazuh-install.sh && sudo bash ./wazuh-install.sh -a

  • Take note of the default administrator password provided in the installation output

Groups

Create a group called linux by clicking the top arrow and selecting Groups

Deploy Agent

From Menu -> Agents, configure the following options:

  1. Red Hat/CentOS
  2. CentOS 6 or higher (note: it will also work on Rocky 8)
  3. x86_64
  4. 172.16.200.10
  5. linux
  6. Run this command on your web01 server:
sudo WAZUH_MANAGER='172.16.200.10' WAZUH_AGENT_GROUP='linux' yum install https://packages.wazuh.com/4.x/yum/wazuh-agent-4.3.10-1.x86_64.rpm
  7. Start the web01 agent:
sudo systemctl daemon-reload
sudo systemctl enable wazuh-agent
sudo systemctl start wazuh-agent
  8. To view in a browser, navigate to the wazuh-nicolas IP
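
An added check, not part of the original wiki page, that the web01 agent picked up the manager address from the install command and reports itself connected once the service is started. It assumes the default agent paths /var/ossec/etc/ossec.conf and /var/ossec/var/run/wazuh-agentd.state; the function names and the sample files it writes are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify agent configuration and connection state.
# On web01 (as root) call:
#   check_agent /var/ossec/etc/ossec.conf /var/ossec/var/run/wazuh-agentd.state 172.16.200.10

# Print the first manager address found in <address>...</address>.
manager_address() {
    sed -n 's:.*<address>\(.*\)</address>.*:\1:p' "$1" | head -n 1
}

# Print the agentd status value (connected, pending or disconnected).
agent_status() {
    sed -n "s/^status='\(.*\)'\$/\1/p" "$1" | head -n 1
}

# check_agent CONF STATE EXPECTED_MANAGER
# Returns 0 if OK, 1 on wrong manager address, 2 if not connected.
check_agent() {
    addr=$(manager_address "$1")
    stat=$(agent_status "$2")
    if [ "$addr" != "$3" ]; then
        echo "FAIL: manager address is '${addr:-unset}', expected '$3'"
        return 1
    fi
    if [ "$stat" != "connected" ]; then
        echo "FAIL: agent status is '${stat:-unknown}'"
        return 2
    fi
    echo "OK: agent connected to $addr"
}

# Write constructed sample files into directory $1 with agent status $2.
write_sample() {
    cat > "$1/ossec.conf" <<EOF
<ossec_config>
  <client>
    <server>
      <address>172.16.200.10</address>
      <port>1514</port>
    </server>
  </client>
</ossec_config>
EOF
    printf "# Agent status:\nstatus='%s'\n" "$2" > "$1/wazuh-agentd.state"
}

# Offline demo on the constructed sample files.
demo=$(mktemp -d)
write_sample "$demo" connected
check_agent "$demo/ossec.conf" "$demo/wazuh-agentd.state" 172.16.200.10
rm -rf "$demo"
```

A status of pending or disconnected right after starting the service usually means the agent cannot reach the manager, so check connectivity from web01 to 172.16.200.10 before looking for the agent in the dashboard.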