The Wazuh agent runs on the hosts that you want to monitor. It is multi-platform and provides the following capabilities:
Log and data collection
File integrity monitoring
Rootkit and malware detection
Security policy monitoring.
In addition, it communicates with the Wazuh manager, sending data in near real-time through an encrypted and authenticated channel.
There are several options to install a Wazuh agent, depending on the operating system and whether or not you wish to build from source. Consult the table below and choose how to proceed for a given agent:
Install Wazuh agents on AIX.
Install Wazuh agents on HP-UX.
Install Wazuh agents on Linux.
Install Wazuh agents on macOS.
Install Wazuh agents on Solaris.
Install Wazuh agents on Windows.
The compatibility between Wazuh agent and Wazuh manager is guaranteed when the wazuh manager has a greater or equal version than the Wazuh agent.
Deploying agents to a large number of servers or endpoints can be easier using automation tools like Puppet, Chef, SCCM or Ansible. Consider exploring these options if you are deploying Wazuh in a larger environment.