Wazuh Gentoo Repository

Gento Wazuh ebuilds

Wazuh home : https://wazuh.com

Add the repository\ Install Wazuh\     Global information and requirements\     1. Install Wazuh indexer\         1.1 Configure Wazuh indexer\         1.2 Check the installation\     2.Install Wazuh server\         2.1 Configure Wazuh manager\         2.2 Configure Filebeat\         2.3 Test Filebeat installation\     3. Install Wazuh dashboard\         3.1 Configure Wazuh dashboard\     4. Securing your Wazuh installation\     5. Install Wazuh agent\         5.1 Configure Wazuh agent

Add the repository

# Add the following lines in a file names /etc/portage/repos.conf/wazuh-gentoo.conf
[wazuh-gentoo]
location = /var/db/repos/wazuh-gentoo
auto-sync = yes
sync-uri = https://github.com/tthh430/wazuh-gentoo

Install Wazuh

Global information and requitements

• PLease check Wazuh official documentation to be sure to have latest informations
• You need root user privileges to install each component
• Please check the bug section to known known bugs and their workaround

1. Install Wazuh indexer

Please check wazuh indexer install page for requirements.

# To install wazuh indexer
emerge -v app-misc/wazuh-indexer

After emerging wazuh-indexer package, you need to complete the following steps :

• Configure Wazuh indexer
• Test the installation

1.1 Configure Wazuh indexer

# Configure Wazuh indexer
emerge --config "=app-misc/wazuh-indexer-<version>"
# Replace <version> with the wazuh indexer version

1.2 Check the installation

To test the cluster installation, please refer to the Wazuh documentation.

2. Install Wazuh Server

Please check wazuh server install page for requirements.

The Wazuh server is composed of the Wazuh manager and Filebeat.

Do not install Wazuh Manager and Wazuh agent on the same host

# To install wazuh server
emerge -v app-misc/wazuh-server
# It will install wazuh manager and filebeat

After emerging wazuh-manager and filebeat packages, you need to complete the following steps :

• Configure Wazuh manager
• Configure Filebeat
• Test installation

2.1 Configure Wazuh manager

# Configure Wazuh manager
emerge --config "=app-misc/wazuh-manager-<version>"
# Replace <version> with the wazuh manager version

2.2 Configure Filebeat

# Configure Filebeat
emerge --config "=app-misc/filebeat-oss-<version>"
# Replace <version> with the filebeat version

2.3 Test Filebeat installation

To test the installation, please refer to the Wazuh documentation

# To test the filebeat configuration
sudo -u filebeat-oss /usr/share/filebeat/bin/filebeat test config

# To test the filebeat output
sudo -u filebeat-oss /usr/share/filebeat/bin/filebeat test output

3. Install Wazuh Dashboad

Please check wazuh dashboard install page for requirements.

# To install wazuh dashboard
emerge -v www-apps/wazuh-dashboard

After emerging wazuh-manager and filebeat packages, you need to complete the following steps :

• Configure Wazuh Dashboard

3.1 Configure Wazuh Dashboard

# Configure Wazuh Dashboard
emerge --config "=app-misc/wazuh-dashboard-<version>"
# Replace <version> with the wazuh dashboard version

4. Securing your Wazuh installation

To securize the installation, please refer to Wazuh documentation.

5. Install Wazuh Agent

Do not install Wazuh Manager and Wazuh agent on the same host

Please check wazuh agent install page to see different awy to install it.

# To install wazuh agent
WAZUH_MANAGER="<wazuh-manager-ip>" emerge -v app-misc/wazuh-agent
# Replace wazuh-manager-ip with your wazuh manager IP

5.1 Configure Wazuh Agent

# Configure Wazuh Agent
emerge --config "=app-misc/wazuh-agent-<version>"
# Replace <version> with the wazuh agent version