Installing dependencies
You can configure the integration with Azure either in the Wazuh manager or in a Wazuh agent. This choice depends solely on how you access your Azure infrastructure in your environment.
You only need to install dependencies when configuring the integration with Azure in a Wazuh agent. The Wazuh manager already includes all the necessary dependencies.
Python
The Wazuh module for Azure requires Python 3. Specifically, it's compatible with Python 3.8–3.12. While later Python versions should work as well, we can't assure they are compatible. If you do not have Python 3 already installed, run the following command to install it on the endpoint where the Wazuh agent is installed.
# yum update && yum install python3
# apt-get update && apt-get install python3
You can install the required modules with Pip, the Python package manager. Most UNIX distributions have this tool available in their software repositories. Run the following command to install pip on your endpoint if you do not have it already installed.
# yum update && yum install python3-pip
# apt-get update && apt-get install python3-pip
We recommend using Pip 19.3 or later to simplify the installation of the dependencies. Run this command to check your pip version.
# pip3 --version
An example output is as follows.
pip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10)
If your pip version is less than 19.3, run the following command to upgrade the version.
# pip3 install --upgrade pip
# pip3 install --upgrade pip --break-system-packages
Note
This command modifies the default externally managed Python environment. See the PEP 668 description for more information.
To prevent the modification, you can run pip3 install --upgrade pip
within a virtual environment. You must update the shebang of the /var/ossec/wodles/azure/azure-logs
Python script with the interpreter in your virtual environment. For example, #!/path/to/your/virtual/environment/bin/python3
.
Azure Storage client library for Python
Azure Storage Blobs client library is the official Python library for Microsoft's Azure Blob storage.
To install the dependencies, execute the following command:
# pip3 install azure-storage-blob==12.20.0 azure-storage-common==2.1.0 azure-common==1.1.25 cryptography==3.3.2 cffi==1.14.4 pycparser==2.20 six==1.14.0 python-dateutil==2.8.1 requests==2.25.1 certifi==2022.12.07 chardet==3.0.4 idna==2.9 urllib3==1.26.18 SQLAlchemy==2.0.23 pytz==2020.1
# pip3 install --break-system-packages azure-storage-blob==12.20.0 azure-storage-common==2.1.0 azure-common==1.1.25 cryptography==3.3.2 cffi==1.14.4 pycparser==2.20 six==1.14.0 python-dateutil==2.8.1 requests==2.25.1 certifi==2022.12.07 chardet==3.0.4 idna==2.9 urllib3==1.26.18 SQLAlchemy==2.0.23 pytz==2020.1
Note
If you're using a virtual environment, remove the --break-system-packages
parameter from the command above.