Uninstalling Wazuh with Open Distro for Elasticsearch

This document will give instructions to uninstall each Wazuh component.

Uninstall the Wazuh manager

# yum remove wazuh-manager

There are files marked as configuration files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user’s responsibility. it can be done by removing the folder /var/ossec.

# apt-get remove wazuh-manager

There are certain files marked as configuration files. Due to this designation, the package manager does not remove those files from the filesystem. A complete file removal can be done using the following command:

# apt-get remove --purge wazuh-manager
# zypper remove wazuh-manager

There are files marked as configuration files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user’s responsibility. it can be done by removing the folder /var/ossec.

Uninstall Filebeat

# yum remove filebeat
# apt-get remove filebeat

The Filebeat complete file removal can be accomplished with the following command:

# apt-get remove --purge filebeat
# apt-get remove filebeat

The Filebeat complete file removal can be accomplished with the following command:

# apt-get remove --purge filebeat

Uninstall Elasticsearch

# yum remove opendistroforelasticsearch

There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user’s responsibility. It can be done by removing the folder /var/lib/elasticsearch and /etc/elasticsearch.

# apt-get remove --auto-remove opendistroforelasticsearch

There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user’s responsibility. It can be done by removing the folder /var/lib/elasticsearch and /etc/elasticsearch.

# zypper remove opendistroforelasticsearch

There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user’s responsibility. It can be done by removing the folder /var/lib/elasticsearch and /etc/elasticsearch.

Uninstall Kibana

# yum remove opendistroforelasticsearch-kibana

There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user’s responsibility. It can be done by removing the folder /var/lib/kibana and /etc/kibana.

# apt-get remove opendistroforelasticsearch-kibana

There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. A complete file removal can be done using the following command:

# apt-get remove --purge opendistroforelasticsearch-kibana
# zypper remove opendistroforelasticsearch-kibana

There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user’s responsibility. It can be done by removing the folder /var/lib/kibana and /etc/kibana.