Cyber Security: Ubuntu 26.04: Wazuh Agent Install
Jump to navigation
Jump to search
Prompt:
install wazuh agent untuk IP wazuh manager 192.168.0.105 nama device server-korban-192.168.0.100
CLI:
sudo apt-get update sudo apt-get install -y gnupg apt-transport-https curl curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | \ sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import sudo chmod 644 /usr/share/keyrings/wazuh.gpg echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | \ sudo tee /etc/apt/sources.list.d/wazuh.list sudo apt-get update
Install:
sudo WAZUH_MANAGER="192.168.0.105" \ WAZUH_AGENT_NAME="server-wazuh" \ apt-get install -y wazuh-agent
Load & Cek:
sudo systemctl daemon-reload sudo systemctl enable wazuh-agent sudo systemctl start wazuh-agent sudo systemctl status wazuh-agent
Cek Config
sudo grep -A5 -B2 "192.168.0.105" /var/ossec/etc/ossec.conf nc -zv 192.168.0.5 1514 1515
Di Wazuh Server
sudo /var/ossec/bin/agent_control -l
Atau lewat dashboard:
Wazuh Dashboard → Agents management → Summary
Untuk Wazuh Docker
sudo docker ps --format "table Template:.Names\tTemplate:.Image\tTemplate:.Status\tTemplate:.Ports" | grep wazuh
Misalnya:
single-node-wazuh.dashboard-1 wazuh/wazuh-dashboard:4.14.5 Up 23 minutes 443/tcp, 0.0.0.0:443->5601/tcp, [::]:443->5601/tcp single-node-wazuh.manager-1 wazuh/wazuh-manager:4.14.5 Up 23 minutes 0.0.0.0:1514-1515->1514-1515/tcp, [::]:1514-1515->1514-1515/tcp, 0.0.0.0:514->514/udp, [::]:514->514/udp, 0.0.0.0:55000->55000/tcp, [::]:55000->55000/tcp, 1516/tcp single-node-wazuh.indexer-1 wazuh/wazuh-indexer:4.14.5 Up 23 minutes 0.0.0.0:9200->9200/tcp, [::]:9200->9200/tcp
Cek Agent
sudo docker exec -it single-node-wazuh.manager-1 /var/ossec/bin/agent_control -l