Wazuh: File Integrity Monitoring
In this post, I show you how to configure and monitor File Integrity Monitoring (FIM) in Wazuh.
Wazuh SIEM
In this post, I demonstrate how to install and configure RITA on a NIDS node running Zeek and ingest the RITA output with Wazuh command logging.
In this post, I elaborate on the Log All JSON option in the Wazuh Manager's configuration and how that can add more context beyond just alerts.
In this post, I show how to manage your Wazuh Indexer indices in order to improve performance and manage disk space consumed by indices.
In this post, I explore the OwlH integration with Wazuh and the convenience of the centralized NIDS configuration management it offers.
In this post, I go over the procedure of migrating from OpenDistro Elasticsearch to Wazuh Indexer, OpenDistro Kibana to Wazuh Dashboard, and Wazuh 4.2 to Wazuh 4.3.
In this post, I show how I implemented and worked around some issues while adding an enhanced ruleset mapping Sysmon events to ATT&CK IDs.
The Wazuh team announced a new major version, 4.3. The Proxmox home lab guide on my blog points to installing 4.2, and I wanted to make a note for new or returning readers about the new announcement.
In this post, I demonstrate how I installed the Wazuh agent on a pfSense host and ingested some logs into my SIEM.