Category: Wazuh
-
Wazuh – Install, Config, Manage
I’m using Wazuh as a Security Information and Event Management (SIEM) solution; it provides monitoring, detection, and alerting of security events and incidents. Wazuh can do much more, and it’s up to you how you learn and integrate it within your infrastructure and IT environment. It can also do XDR and actively block connections, can also…
-
Wazuh Server LDAP/ActiveDirectory Authentication
Official guide: https://documentation.wazuh.com/current/user-manual/user-administration/ldap.html

As I was using LDAPS, the first step was to copy the Domain Controller SSL certs or your local CA cert to the following. As I have two domain controllers with self-signed certs, I copied them both into a single file:

/etc/wazuh-indexer/opensearch-security/ldapcacert.pem

vi /etc/wazuh-indexer/opensearch-security/config.yml

The second section to change is for authorization. Official…