Add Wazuh to monitoring section (No other relavant section for SIEMs)

[natereprogle]

Thank you for taking the time to work on a PR for Awesome-Sysadmin!

To ensure your PR is dealt with swiftly please check the following:

• [X] Your additions are Free software
• [X] Software your are submitting is not your own, unless you have a healthy ecosystem with a few contributors (which aren't your sock puppet accounts).
• [X] Submit one item per pull request. This eases reviewing and speeds up inclusion.
• [X] Format your submission as follows, where Demo and Clients are optional. Do not add a duplicate Source code link if it is the same as the main link. Keep the short description under 80 characters and use sentence case for it, even if the project's webpage or readme uses another capitalisation. Demo links should only be used for interactive demos, i.e. not video demonstrations. - [Name](http://homepage/) - Short description, under 250 characters, sentence case. ([Demo](http://url.to/demo), [Source Code](http://url.of/source/code), [Clients](https://url.to/list/of/related/clients-or-apps)) `License` `Language`
• [X] Additions are inserted preserving alphabetical order.
• [X] Additions are not already listed at awesome-selfhosted
• [X] The Language tag is the main server-side requirement for the software. Don't include frameworks or specific dialects.
• [X] You have searched the repository for any relevant issues or PRs, including closed ones.
• [X] Any category you are creating has the minimum requirement of 3 items.
• [X] Any software project you are adding to the list is actively maintained.
• [X] The pull request title is informative, unlike "Update README.md". Suggested titles: "Add aaa to bbb" for adding software aaa to section bbb, "Remove aaa from bbb" for removing, "Fix license for aaa", etc.

---

Please take some time to answer the following questions as best you can:

• Why is it awesome?

Wazuh is a awesome open source SIEM for everyone. It's easier to deploy than an ELK stack and is entirely free unless you decide you want to use their cloud.

• Have you used it? For how long?

I have not, however I am installing it now and wanted to post it here as well.

• Is this in a personal or professional setup?

Personal

• How many devices/users/services/... do you manage with it?

I will be using 8 devices (2 Linux hosts, 1 Windows host, 5 LXCs)

• Biggest pros/cons compared to other solutions?

No licensing, used by many big name clients.

• Any other comments about your use case, things you've found excellent, limitations you've encountered... ? None for now

[nodiscc]

I have not, however I am installing it now and wanted to post it here as well.

Any other comments about your use case, things you've found excellent, limitations you've encountered... ? None for now

How did it go? Are you still running it? Any new insights on pros/cons?

[natereprogle]

Install went well, it was pretty straight forward to set up. I am not still running it, however, due to it requiring so many resources. I had those resources available, but didn’t want to waste them all on Wazuh, so after messing with it for a couple weeks I removed it. I will say it does require quite a bit of configuration to get it exactly how you want, but out of the box it works well already.

One thing to note is it does not support storing data on an external source such as a database without building it from source yourself and enabling some flags.