Wazuh
  • 02 Aug 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Wazuh

  • Dark
    Light
  • PDF

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Wazuh Domain – Enter the hostname of the Wazuh server.
  2. Port (required, default: 55000) - Enter the port to be used in the connection.
  3. User Name and Password (required) – The username and password for an account that has Read access to the API.
  4. Use API V4 - Select to use API version 4, which allows fetching vulnerabilities data. When cleared, API V3 is selected.
  5. Is Cloud - Select if you're using Wazuh Cloud instead of an on-premises version of Wazuh.
  6. Verify SSL – Select whether to verify the SSL certificate of the server.
  7. HTTPS Proxy (optional) – Connect the adapter to a proxy instead of directly connecting it to the domain.

wazuh.png

Advanced Settings

Note:

From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  • Fetch vulnerabilities - Select to fetch vulnerabilities for each agent.
Note:

Verify that Use API V4 is selected, as API V3 doesn't support this option.


Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


APIs

Axonius uses the Wazuh API.

Supported From Version

Supported from Axonius version 4.5



First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.