Here I share my learned experience in the form of tech blogs to share with my colleagues and friends.
-
Wazuh – Install, Config, Manage
I’m using Wazuh as Security Information and Event Management (SIEM) solution, it provides monitoring, detection, and alerting of security events and incidents. Wazuh can do much more and its up to you how you learn and integrate it within your infrastructure and IT environment. It can also do XDR and actively block connections, can also…
-
Wazuh Server LDAP/ActiveDirectory Authentication
Official guide: https://documentation.wazuh.com/current/user-manual/user-administration/ldap.html As I was using LDAPS, first step was to copy the Domain Controller SSL Certs or your Local CA cert to the following. As I have two domain controllers with self-signed certs, so I copied them both to single file: /etc/wazuh-indexer/opensearch-security/ldapcacert.pem vi /etc/wazuh-indexer/opensearch-security/config.yml The second section to change is for authorization. Official…
-
Creating a custom EE for AWX
Ansible Execution Environment (EE) is used in AWX and Redhat Tower stack as the container that runs jobs or tasks. EE executes a virtual environment (venv) which runs in the task Pod/Container as shown below: You can run into situations where you want to use certain ansible plugin which will require certain python dependencies and…