Wazuh Quick Install

Installation

Based on documentation, run the script and log in with the generated admin login.

Adding Agents

Add a group for the agents being added. The groups can be accessed by the following screenshot.

Similarly, add a new agent.

Complete the fields and use the generated command to install an agent on the machine to monitor, not the server.

After adding the agent, it will show up in the agent's dashboard.

Directory structure

The root for agents' data is /var/losses. The subdirectories contain important information that can be configured or found through the web interface. For example /var/ossec/logs/alerts/alerts.json contains the generated alerts.