This is the documentation for Wazuh 3.11. Check out the docs for the latest version of Wazuh!

Wazuh Kibana plugin

Wazuh provides an automated way of building our Wazuh Kibana plugin packages.

To create a Wazuh Kibana plugin package follow these steps:

Requirements

  • Docker
  • Git

Download our wazuh-packages repository from GitHub and go to the wazuhapp directory.

$ git clone https://github.com/wazuh/wazuh-packages && cd wazuh-packages/wazuhapp

Execute the generate_wazuh_app.sh script, with the different options you desire. This script will build a Docker image with all the necessary tools to create the Wazuh Kibana plugin package and run a container that will build it:

$ ./generate_wazuh_app.sh -h
Usage: ./generate_wazuh_app.sh [OPTIONS]

    -b, --branch <branch>     [Required] Select Git branch or tag e.g.v3.11.4-7.6.1
    -s, --store <path>        [Optional] Set the destination path of package, by defauly wazuhapp/output/
    -r, --revision <rev>      [Optional] Package revision that append to version e.g. x.x.x-rev
    -c, --checksum <path>     [Optional] Generate checksum
    -h, --help                Show this help.

Below, you will find some examples of how to build Wazuh Kibana plugin packages.

# ./generate_wazuh_app.sh -b v3.11.4-7.6.1 -s /wazuh-app -r 1

This will generate a Wazuh Kibana plugin package for Wazuh 3.11.4 and ELK 7.6.1 with revision 1 and store it in /wazuh-app.

# ./generate_wazuh_app.sh -b v3.11.4-7.6.1 -s /wazuh-app -r 1 -c

This will generate a Wazuh Kibana plugin package for Wazuh 3.11.4 and ELK 7.6.1 with revision 1, the sha512 checksum and store them in /wazuh-app .

Remember that the branch or tag for the script has to come from our wazuh-kibana-app repository.