Wazuh

Overview

Wazuh is an open-source security monitoring system that provides real-time threat detection and incident response. It's designed to be scalable, customizable, and easy to integrate with existing systems.

Key Features

• Real-time Threat Detection: Wazuh collects data from various sources (logs, network traffic, etc.) and analyzes it in real-time to detect potential threats.
• Incident Response: Once a threat is detected, Wazuh provides tools and workflows for incident response, including alerting, tracking, and remediating security incidents.
• Customizable: Wazuh allows users to customize their setup using configuration files, making it easy to adapt to specific environments and requirements.
• Scalable: Designed to handle large volumes of data and scale horizontally or vertically as needed.

Components

• Wazuh Core: The core engine that runs the security monitoring system.
• Wazuh Agents: Lightweight agents that collect data from various sources (logs, network traffic, etc.) and send it to the Wazuh Core for analysis.
• Wazuh API: An API that allows developers to integrate Wazuh with other systems and tools.

Dependencies

• libplist
• libYAML
• liblzma
• Linux Audit userspace
• msgpack
• nlohmann
• OpenSSL
• pacman
• popt
• procps
• RocksDB
• rpm
• sqlite
• zlib

Documentation

• Full documentation is available at documentation.wazuh.com.
• Installation guide: index.html.

Get Involved

Join the Wazuh community to learn from other users, participate in discussions, and contribute to the project. You can also join our Slack channel or mailing list to stay up-to-date on news, releases, and more.

Authors

Wazuh is copyrighted by Wazuh Inc., under the GNU General Public License version 2 (GPLv2). It's based on the OSSEC project started by Daniel Cid.

> Visit wazuh Website <