TLDR Wazuh setup
Create two servers on Linode:
- 1GB Ubuntu for the agent
- 4GB Ubuntu for the server (Note: this is the minimum requirement)
On the server machine
- Connect to the "server" via SSH and run
apt update
- Next, run
curl -sO https://packages.wazuh.com/4.9/wazuh-install.sh && sudo bash ./wazuh-install.sh -a
You should see an output like this:
INFO: --- Summary ---
INFO: You can access the web interface https://<wazuh-dashboard-ip>
    User: admin
    Password: <ADMIN_PASSWORD>
INFO: Installation finished.
You should now be able to log in to the web interface in your browser using the credentials provided.
On the agent machine
- Connect to the "agent" via SSH and run
apt update
curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg
echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
apt-get update
Deploy the Wazuh agent. WAZUH_MANAGER is the address of the Wazuh server the agent reports to:
WAZUH_MANAGER="10.0.0.2" apt-get install wazuh-agent
Enable and start the Wazuh agent service.
systemctl daemon-reload
systemctl enable wazuh-agent
systemctl start wazuh-agent
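Verify the result: the following check is an added example, not part of the original guide or of Wazuh itself. It confirms that the agent is configured for the manager address you passed as WAZUH_MANAGER and that it reports a connected status. It assumes the default /var/ossec install prefix; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: confirm the agent points at the intended manager and is connected.
# Default paths assume the standard /var/ossec install prefix (assumption).
OSSEC_CONF="${OSSEC_CONF:-/var/ossec/etc/ossec.conf}"
AGENT_STATE="${AGENT_STATE:-/var/ossec/var/run/wazuh-agentd.state}"

# Print the first manager address found in <client><server><address>.
configured_manager() {
    sed -n 's:.*<address>\(.*\)</address>.*:\1:p' "$1" | head -n 1
}

# Print the status value from the agent state file
# (connected, pending or disconnected).
agent_status() {
    sed -n "s/^status='\(.*\)'\$/\1/p" "$1"
}

# check_agent EXPECTED_MANAGER [CONF] [STATE]
# Returns 0 only when the configured manager matches and the agent is connected,
# 1 on a mismatch or bad status, 2 when a file cannot be read.
check_agent() {
    expected="$1"; conf="${2:-$OSSEC_CONF}"; state="${3:-$AGENT_STATE}"
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 2; }
    mgr=$(configured_manager "$conf")
    if [ "$mgr" != "$expected" ]; then
        echo "FAIL: manager is '$mgr', expected '$expected'"; return 1
    fi
    [ -r "$state" ] || { echo "FAIL: no state file; is wazuh-agent running?"; return 2; }
    st=$(agent_status "$state")
    if [ "$st" != "connected" ]; then
        echo "FAIL: agent status is '${st:-unknown}'"; return 1
    fi
    echo "OK: agent connected to $mgr"
}

# When run as a script with an argument, check against that manager address.
if [ "$#" -gt 0 ]; then
    check_agent "$1"
fi
```

Save it under any name (check_agent.sh here is hypothetical) and run it as root on the agent, for example `sh check_agent.sh 10.0.0.2`. A status of pending means the agent is still waiting to get connected to the manager.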