- 10 May 2023
- 1 Minute to read
- Updated on 10 May 2023
- 1 Minute to read
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Wazuh Domain – Enter the hostname of the Wazuh server.
- Port (required, default: 55000) - Enter the port to be used in the connection.
- User Name and Password (required) – The username and password for an account that has Read access to the API.
- Use API V4 - Select to use API version 4, which allows fetching vulnerabilities data. When cleared, API V3 is selected.
- API Rate Limit (Calls per Minute) (default 300) - Configure the API rate per minute (the number of API calls being made).
- Is Cloud - Select if you're using Wazuh Cloud instead of an on-premises version of Wazuh.
- Verify SSL – Select whether to verify the SSL certificate of the server.
- HTTPS Proxy (optional) – Connect the adapter to a proxy instead of directly connecting it to the domain.
From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
- Fetch vulnerabilities - Select to fetch vulnerabilities for each agent.
Verify that Use API V4 is selected, as API V3 doesn't support this option.
- Include agent extra items - Select this option to fetch extra information about the asset such as system inventory items, or the scan database.
- Fetch policy checks - Select this option to fetch policy checks related to the SCA database items.
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
Axonius uses the Wazuh API.
Supported From Version
Supported from Axonius version 4.5