Tag: SIEM

Official guide: https://documentation.wazuh.com/current/user-manual/user-administration/ldap.html As I was using LDAPS, first step was to copy the Domain Controller SSL Certs or your Local CA cert to the following. As I have two domain controllers with self-signed certs, so I copied them both to single file: /etc/wazuh-indexer/opensearch-security/ldapcacert.pem vi /etc/wazuh-indexer/opensearch-security/config.yml The second section to change is for authorization. Official…