ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Wazuh Agent Install - Ubuntu

    IT Discussion
    wazuh linux ubuntu
    1
    1
    1.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • IRJI
      IRJ
      last edited by scottalanmiller


      Install Curl, Apt-Transport-HTTPS and LSB-Release


      apt install curl
      apt install apt-transport-https
      apt install lsb-release
      

      Extra dependencies for docker


      apt install gnupg
      

      Install Wazuh repository and GPG key


      curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
      echo "deb https://packages.wazuh.com/3.x/apt/ stable main" | tee /etc/apt/sources.list.d/wazuh.list
      apt update
      

      Install agent


      apt install wazuh-agent
      

      Disable automatic updates for agents


      sed -i "s/^deb/#deb/" /etc/apt/sources.list.d/wazuh.list
      apt update
       
      

      Copy ossec.conf file for agent configuration settings.


      I used this area to push an automatically configured ossec.conf file down to client
      You can manually edit /var/ossec/etc/ossec.conf
      

      Add agent to wazuh server using SSL


      systemctl restart wazuh-agent
      /var/ossec/bin/agent-auth -m 192.168.1.1
      systemctl restart wazuh-agent
       
      
      **********************************************************
      Manual agent registration notes are below in case
      automation fails
      ***********************************************************
      
      
      #***********************************************************
      #On Wazuh Manager
      #***********************************************************
      
      # sudo /var/ossec/bin/manage_agents
      # A to add
      # Enter Hostname and IP address of client(s)
      # E to Extract Key for Agent
      #***********************************************************
      
      #***********************************************************
      #On Wazuh Agent Machine
      #***********************************************************
      # sudo /var/ossec/bin/manage_agents
      # I to import key (copy and paste key from wazuh manager)
      #**********************************************************
      1 Reply Last reply Reply Quote 2
      • 1 / 1
      • First post
        Last post