The Wazuh API is an open source RESTful API that allows for interaction with the Wazuh manager from a web browser, command line tool like cURL or any script or program able to make web requests. The Wazuh UI relies on the Wazuh API and Wazuh’s ultimate goal is to accommodate complete remote management of the Wazuh infrastructure via the Wazuh UI. Use the Wazuh API to easily perform everyday actions like adding an agent, restarting the manager(s) or agent(s) or looking up syscheck details.
Here is a list of the Wazuh API capabilities:
Manager control and overview
Cluster control and overview
Syscheck control and search
MITRE attacks and CISCAT overview
Access restriction and security (RBAC)
API management (HTTPS, configuration)
Query remote configuration
For more details, see the Use Cases.
- Getting started
- Securing the Wazuh API
- Migrating from the Wazuh API 3.X
- Role-Based Access Control
- Filtering data using queries