Wazuh agent

The Wazuh agent is multi-platform and runs on the hosts that the user wants to monitor. It communicates with the Wazuh manager, sending data in near real time through an encrypted and authenticated channel.

The agent was developed considering the need to monitor a wide variety of different endpoints without impacting their performance. It requires 35 MB of RAM on average. Therefore, it is supported on the most popular operating systems.

The wazuh agent provides key features to enhance your system’s security.

Log collector

Command execution

File integrity monitoring (FIM)

Security configuration assessment (SCA)

System inventory

Malware detection

Active response

Containers security monitoring

Cloud security monitoring

To install a Wazuh agent, select your operating system and follow the instructions.

Linux

../../_images/linux.png

Windows

../../_images/windows_icon.png

macOS

../../_images/macOS_logo.png

AIX

../../_images/AIX.png

HP-UX

../../_images/hpux.png

If you are deploying Wazuh in a large environment, with a high number of servers or endpoints, keep in mind that this deployment might be easier using automation tools such as Puppet, Chef, SCCM, or Ansible.

Note

Compatibility between the Wazuh agent and the Wazuh manager is guaranteed when the Wazuh manager version is later than or equal to that of the Wazuh agent.