I am starting test https://wazuh.com/blog/auditing-kubernetes-with-wazuh/ but my implementation is in kubernetes and it is not able to enable systemctl wazuh.webhook and other required. it is supported on this platform? does anybody tested it?
Create a systemd service at /lib/systemd/system/wazuh-webhook.service:
[Unit]
Description=Wazuh webhook
Wants=network-online.target
After=network.target network-online.target
[Service]
ExecStart=/var/ossec/framework/python/bin/python3 /var/ossec/integrations/custom-webhook.py
Restart=on-failure
[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable wazuh-webhook.service
systemctl start wazuh-webhook.service
K8S Environment daemons
root@wazuh-manager-master-0:/# /etc/init.d/wazuh-manager status
wazuh-clusterd not running...
wazuh-modulesd not running...
wazuh-monitord not running...
wazuh-logcollector not running...
wazuh-remoted not running...
wazuh-syscheckd not running...
wazuh-analysisd not running...
wazuh-maild not running...
wazuh-execd not running...
wazuh-db not running...
wazuh-authd not running...
wazuh-agentlessd not running...
wazuh-integratord not running...
wazuh-dbd not running...
wazuh-csyslogd not running...
wazuh-apid not running...
root@wazuh-manager-master-0:/#
I am starting test https://wazuh.com/blog/auditing-kubernetes-with-wazuh/ but my implementation is in kubernetes and it is not able to enable systemctl wazuh.webhook and other required. it is supported on this platform? does anybody tested it?
DOC https://wazuh.com/blog/auditing-kubernetes-with-wazuh/
K8S Environment daemons
I opened a question on slack channel and received a suggestion to manage here... https://wazuh.slack.com/archives/C0A933R8E/p1676047707005229