Install Wazuh Server

Tutorial Instalasi Linux & Software Hits: 122

You can use Wazuh for the following applications:

  1. Security analysis
  2. Log analysis
  3. Vulnerability detection
  4. Container security
  5. Cloud security

Setup Pre-requisites

The minimum hardware requirements are as below:

  • 4 GB of RAM
  • 2 CPU cores

Recommended specs are:

  • 16 GB of RAM
  • 8 CPU cores

 Install the packages below needed for the running of Wazuh Manager.

sudo apt update
sudo apt install vim curl apt-transport-https unzip wget libcap2-bin software-properties-common lsb-release gnupg2

Option 1: Automated install of Wazuh Server on Ubuntu 20.04|18.04 using script

The fastest way to install Wazuh on a single host is by using a script that automatically detects OS type and performs a health check to verify that the available system resources meet the minimal requirements.

Download the script to your Ubuntu system where Wazuh server is installed

curl -sO https://packages.wazuh.com/4.3/wazuh-install.sh

Once the script is downloaded run it:

sudo bash ./wazuh-install.sh -a

Installation process should take few minutes to complete:

23/05/2022 11:36:11 INFO: Starting Wazuh installation assistant. Wazuh version: 4.3.1
23/05/2022 11:36:11 INFO: Verbose logging redirected to /var/log/wazuh-install.log
23/05/2022 11:36:13 ERROR: Wazuh manager already installed.
23/05/2022 11:36:13 ERROR: Wazuh indexer already installed.
23/05/2022 11:36:14 ERROR: Wazuh dashboard already installed.
23/05/2022 11:36:14 ERROR: Filebeat already installed.
23/05/2022 11:36:14 INFO: If you want to overwrite the current installation, run this script adding the option -o/--overwrite. This will erase all the existing configuration and data.
root@ubuntu-01:~# sudo bash ./wazuh-install.sh -a -o
23/05/2022 11:36:21 INFO: Starting Wazuh installation assistant. Wazuh version: 4.3.1
23/05/2022 11:36:21 INFO: Verbose logging redirected to /var/log/wazuh-install.log
23/05/2022 11:36:23 INFO: --- Removing existing Wazuh installation ---
23/05/2022 11:36:23 INFO: Removing Wazuh manager.
23/05/2022 11:36:37 INFO: Wazuh manager removed.
23/05/2022 11:36:37 INFO: Removing Wazuh indexer.
23/05/2022 11:36:45 INFO: Wazuh indexer removed.
23/05/2022 11:36:45 INFO: Removing Filebeat.
23/05/2022 11:36:51 INFO: Filebeat removed.
23/05/2022 11:36:51 INFO: Removing Wazuh dashboard.
23/05/2022 11:37:07 INFO: Wazuh dashboard removed.
23/05/2022 11:37:07 INFO: Installation cleaned.
23/05/2022 11:37:19 INFO: Wazuh repository added.
23/05/2022 11:37:19 INFO: --- Configuration files ---
23/05/2022 11:37:19 INFO: Generating configuration files.
23/05/2022 11:37:20 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
23/05/2022 11:37:20 INFO: --- Wazuh indexer ---
23/05/2022 11:37:20 INFO: Starting Wazuh indexer installation.
23/05/2022 11:38:23 INFO: Wazuh indexer installation finished.
23/05/2022 11:38:24 INFO: Wazuh indexer post-install configuration finished.
23/05/2022 11:38:24 INFO: Starting service wazuh-indexer.
23/05/2022 11:38:45 INFO: wazuh-indexer service started.
23/05/2022 11:38:45 INFO: Initializing Wazuh indexer cluster security settings.
23/05/2022 11:38:58 INFO: Wazuh indexer cluster initialized.
23/05/2022 11:38:58 INFO: --- Wazuh server ---
23/05/2022 11:38:58 INFO: Starting the Wazuh manager installation.
23/05/2022 11:40:18 INFO: Wazuh manager installation finished.
23/05/2022 11:40:18 INFO: Starting service wazuh-manager.
23/05/2022 11:40:38 INFO: wazuh-manager service started.
23/05/2022 11:40:38 INFO: Starting Filebeat installation.
23/05/2022 11:40:47 INFO: Filebeat installation finished.
23/05/2022 11:40:47 INFO: Filebeat post-install configuration finished.
23/05/2022 11:40:47 INFO: Starting service filebeat.
23/05/2022 11:40:49 INFO: filebeat service started.
23/05/2022 11:40:49 INFO: --- Wazuh dashboard ---
23/05/2022 11:40:49 INFO: Starting Wazuh dashboard installation.
23/05/2022 11:41:39 INFO: Wazuh dashboard installation finished.
23/05/2022 11:41:39 INFO: Wazuh dashboard post-install configuration finished.
23/05/2022 11:41:39 INFO: Starting service wazuh-dashboard.
23/05/2022 11:41:40 INFO: wazuh-dashboard service started.
23/05/2022 11:42:08 INFO: Initializing Wazuh dashboard web application.
23/05/2022 11:42:19 INFO: Wazuh dashboard web application initialized.
23/05/2022 11:42:19 INFO: --- Summary ---
23/05/2022 11:42:19 INFO: You can access the web interface https://<wazuh-dashboard-ip>
    User: admin
    Password: PRPdOq0eQ23v5huwAdkB1ukBBqfGeCfu
23/05/2022 11:42:19 INFO: Installation finished.

Take note of access credentials:

23/05/2022 11:42:19 INFO: You can access the web interface https://<wazuh-dashboard-ip>
    User: admin
    Password: PRPdOq0eQ23v5huwAdkB1ukBBqfGeCfu

Access the portal at https://<serverip> on your web browser and login

 

Related Articles