Upgrading Wazuh Components
In this post, I'll be covering the process of upgrading Wazuh, tailored to some customizations in my environment.
Wazuh SIEM
In this post, I show you how to configure and monitor File Integrity Monitoring (FIM) in Wazuh.
Recently, the folks at Chainguard open-sourced some Osquery threat hunting queries, so I wrote a script to convert the queries to YAML docs for import into FleetDM.
In this post, I demonstrate how to install and configure RITA on a NIDS node running Zeek and ingest the RITA output with Wazuh command logging.
In this post, I elaborate on the Log All JSON option in the Wazuh Manager's configuration and how that can add more context beyond just alerts.
In this post, I show how to manage your Wazuh Indexer indices in order to improve performance and manage disk space consumed by indices.
In this post, I explore the OwlH integration with Wazuh and the convenience of the centralized NIDS configuration management it offers.
In this post, I go over the procedure of migrating from OpenDistro Elasticsearch to Wazuh Indexer, OpenDistro Kibana to Wazuh Dashboard, and Wazuh 4.2 to Wazuh 4.3.
In this post, I show how I implemented and worked around some issues while adding an enhanced ruleset mapping Sysmon events to ATT&CK IDs.