All the communications are performed through Wazuh agents once they are registered into the environment.
It is possible to get a new URL by opening a support ticket through the Help section on the Wazuh Cloud Console, but the previous URL is also kept.
When the tier limit is reached, the oldest events are removed from your index. This data is available in cold storage for you to access. To learn more about data logging and storage, see the Cold storage section.
It is possible to download the data from the cold storage and reindex it into your local environments but, at this moment, it is not possible to reindex it in your cloud environment.
You can upgrade or downgrade the tier by contacting the Wazuh team through the Help section of your Wazuh Cloud Console.
SSH access is not allowed for security reasons. Environments are managed from the Wazuh Cloud Console and Wazuh WUI.
Wazuh takes care of the updates so your environment gets the latest version of Wazuh with no downtime.
No, all the communications are performed through Wazuh agents once they are registered into the environment. However, you have alternative options. For more information on how to forward syslog events to your environment, see the Forward syslog events section.
No, all the communications are performed through Wazuh agents.
Yes, you can access the Wazuh WUI of your environment through your SSO tool. To perform this action, you need to contact the Wazuh team through the Help section of your Wazuh Cloud Console.
You have access to the Dev tools through your Wazuh WUI, where you can use the API. The Wazuh API is not exposed, but you can contact the Wazuh team through the Help section of your Wazuh Cloud Console to allow Wazuh API access from a specific IP address.
The Elasticsearch API is not accessible by default. If you want to access it, contact the Wazuh team through the Help section of your Wazuh Cloud Console to authorize the connection from a specific IP address. After authorization is granted, you have access to GET methods of the Elasticsearch API.
You can download your data from cold storage. Then, you can push it to other solutions or to a Security Operations Center (SOC).
When selecting a region to host your environment, if you are not sure which one is the best option for you, select one that is the closest to your location since this typically reduces latency for indexing and search requests.