Difference between revisions of "Wazuh"
Jump to navigation
Jump to search
| Line 9: | Line 9: | ||
https://documentation.wazuh.com/current/user-manual/agent-enrollment/via-manager-API/requesting-the-key.html | https://documentation.wazuh.com/current/user-manual/agent-enrollment/via-manager-API/requesting-the-key.html | ||
| + | # Install Server/Manager | ||
| + | ## 1 | ||
| + | ``` | ||
| + | apt-get install gnupg apt-transport-https && curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg && echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list && apt-get update && apt-get -y install wazuh-manager | ||
| + | ``` | ||
| + | |||
| + | ## 2 | ||
| + | ``` | ||
| + | systemctl daemon-reload | ||
| + | systemctl enable wazuh-manager | ||
| + | systemctl start wazuh-manager | ||
| + | ``` | ||
| + | |||
| + | ## 3 | ||
| + | ``` | ||
| + | systemctl status wazuh-manager | ||
| + | ``` | ||
| + | |||
| + | # Install Agent | ||
| + | |||
| + | ## Download | ||
| + | |||
| + | ### Windows | ||
| + | |||
| + | https://packages.wazuh.com/4.x/windows/wazuh-agent-4.7.2-1.msi | ||
| + | |||
| + | ## Get token for agent | ||
``` | ``` | ||
TOKEN=$(curl -u wazuh:wazuh -k -X POST "https://wazuh.example.com:55000/security/user/authenticate?raw=true") | TOKEN=$(curl -u wazuh:wazuh -k -X POST "https://wazuh.example.com:55000/security/user/authenticate?raw=true") | ||
curl -k -X POST -d '{"name":"ws-w10"}' "https://wazuh.example.com:55000/agents?pretty=true" -H "Content-Type:application/json" -H "Authorization: Bearer $TOKEN" | curl -k -X POST -d '{"name":"ws-w10"}' "https://wazuh.example.com:55000/agents?pretty=true" -H "Content-Type:application/json" -H "Authorization: Bearer $TOKEN" | ||
``` | ``` | ||
Revision as of 23:19, 22 January 2024
https://documentation.wazuh.com/current/installation-guide/wazuh-server/step-by-step.html
https://packages.wazuh.com/4.x/windows/wazuh-agent-4.7.2-1.msi
https://documentation.wazuh.com/current/user-manual/api/getting-started.html
Install Server/Manager
1
apt-get install gnupg apt-transport-https && curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg && echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list && apt-get update && apt-get -y install wazuh-manager
2
systemctl daemon-reload systemctl enable wazuh-manager systemctl start wazuh-manager
3
systemctl status wazuh-manager
Install Agent
Download
Windows
https://packages.wazuh.com/4.x/windows/wazuh-agent-4.7.2-1.msi
Get token for agent
TOKEN=$(curl -u wazuh:wazuh -k -X POST "https://wazuh.example.com:55000/security/user/authenticate?raw=true")
curl -k -X POST -d '{"name":"ws-w10"}' "https://wazuh.example.com:55000/agents?pretty=true" -H "Content-Type:application/json" -H "Authorization: Bearer $TOKEN"