🔨Wazuh configuration

What we have to do here is, add the agent to the Wazuh server. As you can see in the dashboard there is no any agents at the movement.

The Wazuh agent runs on Linux, Windows, macOS, Solaris, AIX, and other operating systems. It can be deployed to laptops, desktops, servers, cloud instances, containers, or virtual machines. The agent helps to protect your system by providing threat prevention, detection, and response capabilities

Wazuh Dashboard

In order to install the agent click add agent and follow the steps.

In our example we are going to add the windows 10 client to Wazuh. follow the step numbers.

Wazuh Agent Creation

Next, you have to assign a name for the agent. this is optional. I have added a name.

Wazuh Agnet Name

Then you can copy the entire command in the step number 4.

Wazuh Agent Script

Once you copy that, go to your windows 10 PC and open PowerShell run as administrator and past the command and then press Enter

Wazuh Agnet script on Win 10 VM
Installing the Wazuh Agent

after that we can start the Wazuh service. in the same PowerShell window type,

net start wazuhsvc
Wazuh Agent Service Started

Now move back to the Wazuh dashboard and check whether you have got the agent reported like below.

Wazuh Agent on Dashboard

You can click the home button and go to the home menu.

Once you are there, you can check the security events on your windows 10 client.

Wazuh Security Events
Wazuh Security Events Dashboard

PreviousConfigure HiveNextConfigure Wazuh Alerts

Last updated