User manual
Welcome to the Wazuh user manual. Use it as your Wazuh reference library once you have a basic Wazuh installation in place. Just as the main components of Wazuh are a fork of the renowned OSSEC HIDS project, this user manual has been derived from the OSSEC documentation. Kudos to the OSSEC team for their huge contribution to the IT security community.
Contents
- Overview
- Wazuh server administration
- Certificates deployment
- Registering Wazuh agents
- Agent management
- Deploying a Wazuh cluster
- Capabilities
- Log data collection
- File integrity monitoring
- Auditing who-data
- Anomaly and malware detection
- Security Configuration Assessment
- Monitoring security policies
- Monitoring system calls
- Command monitoring
- Active response
- Agentless monitoring
- Anti-flooding mechanism
- Agent labels
- System inventory
- Vulnerability detection
- VirusTotal integration
- Osquery
- Agent key polling
- Fluentd forwarder
- Ruleset
- RESTful API
- Wazuh Kibana plugin
- Reference
- Elasticsearch tuning
- Uninstalling the Wazuh components