Command monitoring

There are times when you may want to monitor things that are not in the logs. To address this, Wazuh incorporates the ability to monitor the output of specific commands and treat the output as though it were log file content.

Contents

• How it works
  • Configure Wazuh agents to accept remote commands from the manager
  • Configure a command to monitor
  • Process the output
• Configuration
  • Basic usage
  • Monitor running Windows processes
  • Disk space utilization
  • Check if the output changed
  • Load average
  • Detect USB Storage
• FAQ
  • Can I monitor commands on Linux and Windows?
  • What are the command monitoring capabilities?
  • Can I check if an application is running on an agent?