Wazuh: Exploring the OwlH Integration
In this post, I explore the OwlH integration with Wazuh and the convenience of the centralized NIDS configuration management it offers.
By
0xBEN
Defend
Defensive cybesecurity, blue teaming
By
0xBEN
Wazuh: Migrating to Wazuh Dashboard, Wazuh Indexer, and to Version 4.3
In this post, I go over the procedure of migrating from OpenDistro Elasticsearch to Wazuh Indexer, OpenDistro Kibana to Wazuh Dashboard, and Wazuh 4.2 to Wazuh 4.3.
By
0xBEN
Wazuh: Mapping Sysmon Events to MITRE ATT&CK IDs
In this post, I show how I implemented and worked around some issues while adding an enhanced ruleset mapping Sysmon events to ATT&CK IDs.
By
0xBEN
Wazuh Announces Version 4.3
The Wazuh team announced a new major version, 4.3. The Proxmox home lab guide on my blog points to installing 4.2 and I wanted to make a note for new or returning readers about the new announcement.
By
0xBEN
Monitoring pfSense with Wazuh
In this post, I demonstrate how I installed the Wazuh agent on a pfSense host and ingested some logs into my SIEM.
By
0xBEN
Wazuh: Upgrading Elasticsearch to a Multi-Node Cluster
In this post, I show you how to horizontally scale your Elasticsearch single-node setup to a multi-node cluster.
By
0xBEN
Free IT and Cybersecurity Resources
I will try to keep this list continuously updated with training and informational resources for different areas that could benefit students and professionals of cybersecurity and IT
By
0xBEN
Adding a Comprehensive Wazuh SIEM and Network Intrusion Detection System (NIDS) to the Proxmox Lab
In this module, we will take a look at the process setting up a comprehensive Wazuh SIEM, including a NIDS and some HIDS agents, in our Proxmox home lab.
By
0xBEN
Featured
public
Proxmox
Proxmox VE 8: Converting a Laptop into a Bare Metal Server
In this post, we will take a look at an in-detail process of setting up a Proxmox home lab on a bare metal server.
By
0xBEN