.. _ids:
Intrusion Detection System
==========================
The `Wazuh `_ Intrusion Detection System watches
over all hosts and will report problems to the `ids@example.com` mail
address.
The wazuh API user and password must be created to allow the agents
to register on the server. For instance:
.. code::
$ cat ~/.enough/example.com/group_vars/all/wazuh.yml
---
wazuh_mailto: contact@enough.community
wazuh_email_from: contact@enough.community
wazuh_api_username: apiuser
wazuh_api_password: .S3cur3Pa75w0rd-#
.. note::
The password must obey the `wazuh requirements `__ to be valid.
The command line `apg -n 1 -M SNCL -m 8 -x 16` will generate a suitable password.
The service is created on the host specified by the `--host` argument:
.. code::
$ enough --domain example.com service create --host wazuh-host wazuh