Registering the Wazuh agents using the Wazuh API

The Wazuh API allows the Wazuh agent registration by running a single request from any host. This request returns the Wazuh agent's registration key, which must be manually added to the Wazuh agent using manage_agents utility.


Root user privileges are necessary to execute all the commands described below, and the Wazuh API must be accessible from the host on which the request is executed.

Choose the tab corresponding to the Wazuh agent host operating system:

  1. Open a terminal in the Wazuh agent's host as a root user. To add the Wazuh agent to the Wazuh manager and extract the registration key execute the following Wazuh API request POST /agents and replacing the values in the angle brackets:

    # curl -k -X POST -d '{"name":"<agent_name>","ip":"<agent_IP>"}' "https://localhost:55000/agents?pretty=true" -H "Content-Type:application/json" -H "Authorization: Bearer $TOKEN"

    The output of the Wazuh API request returns the registration key:

        "error": 0,
        "data": {
            "id": "001",

    More information about API credentials and HTTPS support can be found on Wazuh API configuration.

  2. Import the registration key to the Wazuh agent using manage_agents utility. Replace the Wazuh agent's registration key:

    # /var/ossec/bin/manage_agents -i <key>

    An example output of the command looks as follows:

    Agent information:
       IP Address:any
    Confirm adding it?(y/n): y
  3. To enable the communication with the Wazuh manager, edit the Wazuh agent's configuration file placed at /var/ossec/etc/ossec.conf.

    In the <client><server> section, MANAGER_IP has to be replaced with the Wazuh server's IP address or the DNS name:

  4. Restart the Wazuh agent:

# systemctl restart wazuh-agent