This is the documentation for Wazuh 3.9. Check out the docs for the latest version of Wazuh!

Deployment variables for AIX

For an agent to be fully deployed and connected to the Wazuh server it needs to be installed, registered and configured. To make the process simple, the installers can use variables that allow the configuration provisioning.

Below you can find a table describing the variables used by Wazuh installers, and a few examples on how to use them.

Note

To be able to use these deployment variables, you need to use the bash shell.

Option Description
WAZUH_MANAGER_IP Specifies the manager IP address or hostname. In case you want to specify multiple managers, you can add them separated by commas. See address.
WAZUH_MANAGER_PORT Specifies the manager’s connection port. See server-port.
WAZUH_PROTOCOL Sets the communication protocol between the manager and the agent. Accepts UDP and TCP. Default is UDP. See server-protocol.
WAZUH_AUTHD_SERVER Specifies the Wazuh registration server, used for the agent registration. See agent-auth options.
WAZUH_AUTHD_PORT Specifies the port used by the Wazuh registration server. See agent-auth options.
WAZUH_PASSWORD Sets the Wazuh registration server. See agent-auth options.
WAZUH_NOTIFY_TIME Sets the time between agent checks for manager connection. See notify-time.
WAZUH_TIME_RECONNECT Sets the time interval for the agent to reconnect with the Wazuh manager when connectivity is lost. See time-reconnect.
WAZUH_CERTIFICATE Host SSL validation need of Certificate of Authority. This option specifies the CA path. See agent-auth options.
WAZUH_PEM The SSL agent verification needs a CA signed certificate and the respective key. This option specifies the certificate path. See agent-auth options.
WAZUH_KEY Specifies the key path completing the required variables with WAZUH_PEM for the SSL agent verification process. See agent-auth options.
WAZUH_AGENT_NAME Designates the agent’s name. By default it will be the computer name. See agent-auth options.
WAZUH_GROUP Assigns the agent to one or more existing groups (separated by commas). See agent-auth options.

Examples:

  • Registration with password:
# WAZUH_MANAGER_IP="10.0.0.2" WAZUH_PASSWORD="TopSecret" \
     WAZUH_AGENT_NAME="aix-agent" rpm -i wazuh-agent-3.9.5-1.aix.ppc.rpm
  • Registration with password and assigning a group:
# WAZUH_MANAGER_IP="10.0.0.2" WAZUH_AUTHD_SERVER="10.0.0.2" WAZUH_PASSWORD="TopSecret" \
     WAZUH_GROUP="my-group" rpm -i wazuh-agent-3.9.5-1.aix.ppc.rpm
  • Registration with relative path to CA. It will be searched at your Wazuh installation folder:
# WAZUH_MANAGER_IP="10.0.0.2" WAZUH_AUTHD_SERVER="10.0.0.2" WAZUH_AGENT_NAME="aix-agent" \
     WAZUH_CERTIFICATE="rootCA.pem" rpm -i wazuh-agent-3.9.5-1.aix.ppc.rpm
  • Registration with protocol:
# WAZUH_MANAGER_IP="10.0.0.2" WAZUH_AUTHD_SERVER="10.0.0.2" WAZUH_AGENT_NAME="aix-agent" \
     WAZUH_PROTOCOL="tcp" rpm -i wazuh-agent-3.9.5-1.aix.ppc.rpm
  • Registration and adding multiple address:
# WAZUH_MANAGER_IP="10.0.0.2,10.0.0.3" WAZUH_AUTHD_SERVER="10.0.0.2" \
     WAZUH_AGENT_NAME="aix-agent" rpm -i wazuh-agent-3.9.5-1.aix.ppc.rpm
  • Absolute paths to CA, certificate or key that contain spaces can be written as shown below:
# WAZUH_MANAGER_IP "10.0.0.2" WAZUH_AUTHD_SERVER "10.0.0.2" WAZUH_KEY "/var/ossec/etc/sslagent.key" \
     WAZUH_PEM "/var/ossec/etc/sslagent.cert" rpm -i wazuh-agent-3.9.5-1.aix.ppc.rpm

Note

To verify agents identity with the registration server, it’s necessary to use both KEY and PEM options. See the Enable Agent verification with host validation section.