The Wazuh manager carries out the integration with Microsoft Azure when monitoring infrastructure activity services. To work properly, the integration requires some dependencies to be installed.
Wazuh >= v3.7.0
Python >= v2.7
A Microsoft Azure infrastructure is mandatory. Accessing it requires the credentials for the modules that will be used to obtain the logs.
The Microsoft Azure integration has been available since Wazuh v3.7.0. If you need to update your Wazuh installation, check out the upgrading section.
Part of the integration is implemented in Python, so Python 2.7 or higher must be installed.
We'll use pip, the Python package tool, to install all the necessary libraries and dependencies for the Azure integration.
The pytz library allows accurate and cross platform time zone calculations and date arithmetic using local times.
The azure-storage-blob library makes it easy to use and access Microsoft Azure Storage content.
The azure-storage-blob modules are required on the system running the Wazuh module in order to pull Microsoft Azure events.
You can install pip on RPM or DEB based operating systems, or compile it from sources. Follow the instructions that match your system:
# yum install python-pip
It may be necessary to enable the EPEL repository. Read more about it on the Fedora wiki.
# apt-get update && apt-get install python-pip
# curl -O https://bootstrap.pypa.io/get-pip.py
# python get-pip.py
# pip install pytz
# pip install azure-storage-blob
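After the installation steps above, the following preflight check confirms that the interpreter meets the Python >= 2.7 requirement and that both libraries import under that same interpreter, which catches the case where pip installed them for a different Python. It is an added example, not part of the Wazuh documentation or code; the function names are hypothetical, and the interpreter to check is assumed to be passed as an argument.

```shell
#!/bin/sh
# Added example: preflight check for the prerequisites listed on this page.
# Assumption: the interpreter used for the integration is given as $1.
# Usage (after sourcing this file): preflight /usr/bin/python

MIN_PYTHON="2.7"   # minimum Python version stated on this page

# version_ge A B: succeed when dotted version A >= B, compared numerically
# field by field (so 2.10 is correctly newer than 2.7).
version_ge() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "$a" = "$x" ] && a="" || a=${a#*.}
        [ "$b" = "$y" ] && b="" || b=${b#*.}
        x=${x:-0}; y=${y:-0}
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# has_module PY MODULE: succeed when MODULE imports under interpreter PY.
has_module() {
    "$1" -c "import $2" >/dev/null 2>&1
}

# preflight [PY]: report each prerequisite; return non-zero if any is missing.
preflight() {
    py=${1:-python}
    command -v "$py" >/dev/null 2>&1 || { echo "FAIL: $py not found"; return 1; }
    ver=$("$py" -c 'import sys; print(".".join(str(n) for n in sys.version_info[:3]))') || return 1
    rc=0
    if version_ge "$ver" "$MIN_PYTHON"; then
        echo "OK: $py is version $ver"
    else
        echo "FAIL: $py $ver is older than $MIN_PYTHON"; rc=1
    fi
    # Import names: pytz -> pytz, azure-storage-blob -> azure.storage.blob
    for mod in pytz azure.storage.blob; do
        if has_module "$py" "$mod"; then
            echo "OK: $mod imports under $py"
        else
            echo "FAIL: $mod does not import under $py"; rc=1
        fi
    done
    return $rc
}
```

A FAIL line for a module that pip reports as installed usually means pip is bound to a different interpreter than the one being checked.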