Intrusion Detection System

The Wazuh Intrusion Detection System watches over all hosts and will report problems to the mail address.

The wazuh API user and password must be created to allow the agents to register on the server. For instance:

$ cat ~/.enough/
wazuh_api_username: apiuser
wazuh_api_password: .S3cur3Pa75w0rd-#


The password must obey the wazuh requirements to be valid. The command line apg -n 1 -M SNCL -m 8 -x 16 will generate a suitable password.

The service is created on the host specified by the –host argument:

$ enough --domain service create --host wazuh-host wazuh