Manager Requirements

The Wazuh manager is in charge of carrying out the integration with Microsoft Azure when monitoring infrastructure activity services. In order to work properly, the integration requires the installation of some dependencies.

Required dependencies

  • Microsoft Azure

  • Wazuh >= v3.7.0

  • Python >= v2.7

  • Pip

  • pytz

  • azure-storage-blob

Microsoft Azure

The Microsoft Azure infrastructure is mandatory. To have access to the infrastructure it will be necessary to have the credentials corresponding to the modules we want to use to obtain the logs.

Wazuh v3.7.0

The Microsoft Azure integration is available since Wazuh v.3.7.0. If you need to update your Wazuh installation, check out the upgrading section

Python 2.7

Part of the integration has been implemented in Python so we will need to install at least the 2.7 version or higher.

Pip

We'll use Pip, the Python package tool, to install all the neccesary libraries and dependencies for the Azure integration.

pytz

The pytz library allows accurate and cross platform time zone calculations and date arithmetic using local times.

azure-storage-blob

The azure-storage-blob library makes easy to use and access Microsoft Azure Storage content.

Installing the dependencies

The pytz and azure-storage-blob modules are required on the system running the Wazuh module to pull Microsoft Azure events.

Pip

You can install pip on RPM or DEB based Operating Systems, or compile it from sources too. Follow these instructions according to your needs:

  1. CentOS/RHEL/Fedora:

# yum install python-pip

Note

It may be necessary to enable the EPEL repository. Read more about it on the Fedora wiki.

  1. Debian/Ubuntu:

# apt-get update && apt-get install python-pip
  1. From sources:

# curl -O https://bootstrap.pypa.io/get-pip.py
# python get-pip.py

pytz

# pip install pytz

azure-storage-blob

# pip install azure-storage-blob