Uninstalling Wazuh with Open Distro for Elasticsearch
This document includes instructions to uninstall the Wazuh components.
Uninstall the Wazuh manager
Remove the Wazuh manager installation.
# yum remove wazuh-manager
There are files marked as configuration files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user's responsibility. it can be done by removing the folder
/var/ossec
.# apt-get remove wazuh-manager
There are certain files marked as configuration files. Due to this designation, the package manager does not remove those files from the filesystem. A complete file removal can be done using the following command:
# apt-get remove --purge wazuh-manager
# zypper remove wazuh-manager
There are files marked as configuration files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user's responsibility. it can be done by removing the folder
/var/ossec
.Disable the Wazuh manager service.
# systemctl disable wazuh-manager # systemctl daemon-reload
Choose one option according to your operating system.
RPM-based operating systems:
# chkconfig wazuh-manager off # chkconfig --del wazuh-manager
Debian-based operating systems:
# update-rc.d -f wazuh-manager remove
Uninstall Filebeat
# yum remove filebeat
# apt-get remove filebeat
The Filebeat complete file removal can be accomplished with the following command:
# apt-get remove --purge filebeat
# apt-get remove filebeat
The Filebeat complete file removal can be accomplished with the following command:
# apt-get remove --purge filebeat
Uninstall Elasticsearch
# yum remove opendistroforelasticsearch
There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user's responsibility. It can be done by removing the folder /var/lib/elasticsearch
and /etc/elasticsearch
.
# apt-get remove --auto-remove opendistroforelasticsearch
There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user’s responsibility. It can be done by removing the folder /var/lib/elasticsearch
and /etc/elasticsearch
.
# zypper remove opendistroforelasticsearch
There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user's responsibility. It can be done by removing the folder /var/lib/elasticsearch
and /etc/elasticsearch
.
Uninstall Kibana
# yum remove opendistroforelasticsearch-kibana
There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user's responsibility. It can be done by removing the folder /var/lib/kibana
and /etc/kibana
.
# apt-get remove opendistroforelasticsearch-kibana
There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. A complete file removal can be done using the following command:
# apt-get remove --purge opendistroforelasticsearch-kibana
# zypper remove opendistroforelasticsearch-kibana
There are files marked as configuration and data files. Due to this designation, the package manager does not remove those files from the filesystem. The complete file removal action is on user's responsibility. It can be done by removing the folder /var/lib/kibana
and /etc/kibana
.