Intrusion Detection System¶
The Wazuh Intrusion Detection System watches over all hosts and will report problems to the firstname.lastname@example.org mail address.
The wazuh API user and password must be created to allow the agents to register on the server. For instance:
$ cat ~/.enough/example.com/group_vars/all/wazuh.yml --- wazuh_mailto: email@example.com wazuh_email_from: firstname.lastname@example.org wazuh_api_username: apiuser wazuh_api_password: .S3cur3Pa75w0rd-#
The password must obey the wazuh requirements to be valid. The command line apg -n 1 -M SNCL -m 8 -x 16 will generate a suitable password.
The service is created on the host specified by the –host argument:
$ enough --domain example.com service create --host wazuh-host wazuh