Documentation
  • Getting started
  • Installation guide
  • User manual
    • Overview
    • Wazuh server administration
    • Registering agents
    • Agent management
    • Capabilities
      • Log data collection
      • File integrity monitoring
      • Auditing who-data
      • Anomaly and malware detection
      • Monitoring security policies
      • Monitoring system calls
      • Command monitoring
      • Active response
      • Agentless monitoring
      • Anti-flooding mechanism
      • Agent labels
      • System inventory
      • Vulnerability detection
      • VirusTotal integration
      • Osquery
    • Ruleset
    • RESTful API
    • Kibana app
    • Reference
  • Development
  • Docker
  • Deploying with Puppet
  • Deploying with Ansible
  • Using Wazuh for PCI DSS
  • Using Wazuh for GDPR
  • Using Wazuh to Monitor AWS
  • Using Wazuh to Monitor Microsoft Azure
  • Using Wazuh to Monitor Docker
  • Installing Splunk
  • Migrating from OSSEC
  • Release Notes
Wazuh
  • Docs »
  • User manual »
  • Capabilities
  • Edit on GitHub

CapabilitiesΒΆ

In this section, you will find:

  • A deeper explanation of how each capability works.
  • Configuration options for specific capabilities.
  • Frequently asked questions.
  • Some practical examples.

If you find a problem, error or if you want to ask related questions, please contact us through our mailing list.

  • Log data collection
    • How it works
    • Configuration
    • FAQ
  • File integrity monitoring
    • How it works
    • Configuration
    • FAQ
  • Auditing who-data
    • Auditing who-data in Linux
    • Auditing who-data in Windows
    • Manual configuration of the Local Audit Policies in Windows
  • Anomaly and malware detection
    • How it works
    • Configuration
    • FAQ
  • Monitoring security policies
    • Rootcheck
    • OpenSCAP
    • CIS-CAT integration
  • Monitoring system calls
    • How it works
    • Configuration
  • Command monitoring
    • How it works
    • Configuration
    • FAQ
  • Active response
    • How it works
    • Configuration
    • FAQ
  • Agentless monitoring
    • How it works
    • Configuration
    • FAQ
  • Anti-flooding mechanism
    • Why an anti-flooding mechanism is needed
    • How it works: Leaky bucket
    • Use case: Leaky bucket
    • Anti-flooding in agent modules
  • Agent labels
    • How it works
    • Use case
  • System inventory
    • How it works
    • Available scans
    • Compatibility matrix
    • Use case: Visualize system inventory in the Wazuh app
  • Vulnerability detection
    • How it works
    • Compatibility matrix
    • Use case: Running a vulnerability scan
  • VirusTotal integration
    • What is VirusTotal
    • ToS: Public API vs Private API
    • Integration
  • Osquery
    • How it works
    • Configuration
    • Alert examples
Next Previous

© Copyright 2018 - Wazuh, Inc.