Installing dependencies

Note

The integration with AWS S3 can be done at the Wazuh manager (which also behaves as an agent) or directly at a Wazuh agent. This choice merely depends on how you decide to access your AWS infrastructure in your environment.

The Python Boto3 module is required on the system running the Wazuh module to pull AWS events.

Pip

The required modules can be installed with Pip, the Python package manager. Most UNIX distributions have this tool available in their software repositories, but it can also be compiled from sources:

  1. For CentOS/RHEL/Fedora systems:

# yum install python-pip

  2. For Debian/Ubuntu systems:

# apt-get update && apt-get install python-pip

  3. From sources:

# curl -O https://bootstrap.pypa.io/get-pip.py
# python get-pip.py

Boto3

Boto3 is the official package supported by Amazon to manage AWS resources. It will be used to download the log messages from the S3 Bucket. To install this package, execute the following command:

# pip install boto3