This guide describes how to install the Wazuh agent from source code.
Many of the commands described below need to be executed with root user privileges.
Install development tools and compilers. In Linux this can easily be done using your distribution’s package manager:
For RPM-based distributions:# yum install make gcc policycoreutils-python automake autoconf libtool
For Debian-based distributions:# apt-get install make gcc libc6-dev curl policycoreutils automake autoconf libtool
Download and extract the latest version:
# curl -Ls https://github.com/wazuh/wazuh/archive/v3.7.2.tar.gz | tar zx
install.shscript. This will run a wizard that will guide you through the installation process using the Wazuh sources:
# cd wazuh-* # ./install.sh
Since Wazuh 3.5 it is necessary to have internet connection when following this step.
You can also run an unattended installation.
The script will ask about what kind of installation you want. Type
agentin order to install a Wazuh agent:
1- What kind of installation do you want (manager, agent, local, hybrid or help)? agent
Now that the agent is installed, the next step is to register and configure it to communicate with the manager. For more information about this process, please visit the user manual.
This section describes how to download and build the Wazuh HIDS Windows agent from sources. This process begins with compiling the agent on a Linux system to generate the .msi installer for the Windows installation.
The following procedure has been tested on Ubuntu 16.04 and other Debian based distributions and may work with other Debian/Ubuntu versions as well.
Set up the Ubuntu build environment. Install these dependencies to build the Windows Wazuh agent installer on Ubuntu:
# apt-get install gcc-mingw-w64 # apt-get install nsis # apt-get install make
Set up Windows build environment. To generate the installer, the following dependencies must be in place on the Windows machine:
.NET framework 3.5.1.
Microsoft Windows SDK.
Download the Wazuh source code and unzip it:
# curl -Ls https://github.com/wazuh/wazuh/archive/v3.7.2.tar.gz | tar zx # cd wazuh-*/src
Compile the agent by running the
# make deps # make TARGET=winagent
The following output will appear at the end of the building process:
Done building winagent
Once the agent has been compiled, transfer the Wazuh folder to the target Windows system. It is recommended that this folder be compressed at first to speed up the process.
# zip -r wazuh.zip ../../wazuh-3.7.2
Once in Windows, run the
wazuh-3.7.2/src/win32/wazuh-installer-build-msi.batfile to start the installer generation. If you do not want to sign the installer, you will have to comment or delete the signtool line.
The installer is now ready. It can be launched with a normal or unattended installation. For more information about this process, please visit our installation section for Windows.
Once the agent is installed, the next step is to register and configure it to communicate with the manager. For more information about this process, please visit the user manual.