Re-add SIEM #170

Closed

Description

@Mafyuh

Wazuh used to be installed, but I never used it, so I got rid of it. It does need at least 2 cores and 2GB RAM; recommended is 8 cores and 4GB RAM.

Agents will need to be reconfigured on physical machines and integrated into cloud-init or Packer templates for VMs.

Can use Prometheus + Grafana for metrics instead of Wazuh dashboard https://github.com/pyToshka/wazuh-prometheus-exporter

Activity

moved this to Backlog in @Mafyuh's IaC on Apr 18, 2025
self-assigned this on Apr 18, 2025
moved this from Backlog to Done in @Mafyuh's IaC on Apr 20, 2025
closed this as completed by moving to Done in @Mafyuh's IaC on Apr 20, 2025
Mafyuh commented on Apr 20, 2025

Owner, Author

Wazuh re-added, have most hosts set up as agents already and cleared out some easy CVEs.

For Windows + VirusTotal
https://documentation.wazuh.com/current/proof-of-concept-guide/detect-remove-malware-virustotal.html#configuration-for-the-windows-endpoint

Re-add SIEM · Issue #170 · Mafyuh/iac