Lab 3.2: Wazuh
Summary
During this lab we setup our Wazuh box with Wazoh and added the agent to web01.
Wazuh Install
Curl install file and run it
Take not of the password that is gernated in the terminal if you miss it. It's in plane text in the wazuh-install-files.tar
Navigate to the wazuh machines IP. Here you login with
wazuh|<passwd from before>
Wazuh Agent Setup
In the web gui navigate to the Agents tab
Fill out correct information
It will give you the commands to install the agent on selected machine
Run that command on selected machine
enable and start the agent
Now under the Agents tab it should populate with the machines information
Wazuh Agent Config
Wazuh config files information is located in /var/ossec. The main config is /var/ossec/etc/shared/agent.conf
Config Documentation: https://documentation.wazuh.com/current/user-manual/reference/centralized-configuration.html
Last updated