Deploying Wazuh through the Linode Marketplace
Traducciones al EspañolEstamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
Wazuh provides a security solution for monitoring your infrastructure and detecting threats, intrusion attempts, system anomalies, poorly configured applications, and unauthorized user actions. It also provides a framework for incident response and regulatory compliance.
Deploying the Wazuh Marketplace App
The Linode Marketplace allows you to easily deploy software on a Linode using the Linode Cloud Manager.
Log in to the Cloud Manager and select the Marketplace link from the left navigation menu. This displays the Linode Compute Create page with the Marketplace tab pre-selected.
Under the Select App section, select the app you would like to deploy.
Fill out all required Options for the selected app as well as any desired Advanced Options (which are optional). See the Configuration Options section for details.
Complete the rest of the form as discussed within the Getting Started > Create a Linode.
Click the Create Linode button. Once the Linode has provisioned and has fully powered on, wait for the software installation to complete. If the Linode is powered off or restarted before this time, the software installation will likely fail. To determine if the installation has completed, open the Linode’s Lish console and wait for the system login prompt to appear.
Follow the instructions within the Getting Started After Deployment section.
Software installation should complete within 10-15 minutes after the Linode has finished provisioning.
Configuration Options
Wazuh Options
Here are the additional options available for this Marketplace App:
| Field | Description |
|---|---|
| Admin Email for the server | This email is require to generate the SSL certificates. Required |
| Your Linode API Token | Your Linode API Token is needed to create DNS records. If this is provided along with the subdomain and domain fields, the installation attempts to create DNS records via the Linode API. If you don’t have a token, but you want the installation to create DNS records, you must
create one before continuing. |
| Subdomain | The subdomain you wish the installer to create a DNS record for during setup. The suggestion given is www. The subdomain should only be provided if you also provide a domain and API Token. |
| Domain | The domain name where you wish to host your Wazuh instance. The installer creates a DNS record for this domain during setup if you provide this field along with your API Token. |
| The limited sudo user to be created for the Linode | This is the limited user account to be created for the Linode. This account has sudo user privileges. |
| The password for the limited sudo user | Set a password for the limited sudo user. The password must meet the complexity strength validation requirements for a strong password. This password can be used to perform any action on your server, similar to root, so make it long, complex, and unique. |
| The SSH Public Key that will be used to access the Linode | If you wish to access SSH via Public Key (recommended) rather than by password, enter the public key here. |
| Disable root access over SSH? | Select Yes to block the root account from logging into the server via SSH. Select No to allow the root account to login via SSH. |
General Options
For advice on filling out the remaining options on the Create a Linode form, see Getting Started > Create a Linode. That said, some options may be limited or recommended based on this Marketplace App:
- Supported distributions: Ubuntu 20.04 LTS
- Recommended plan: All plan types and sizes can be used, though a minimum of a 8GB Instance is recommended for production.
Getting Started after Deployment
Accessing the Wazuh App
Open a web browser and navigate to the domain you created in the beginning of your deployment. You can also use your Compute Instance’s rDNS, which may look like
203-0-113-0.ip.linodeusercontent.com. See the Managing IP Addresses guide for information on viewing and setting the rDNS value.In the login screen that appears, enter
adminas the username andadminas the password. Since the default admin user is set to read-only, you need to follow the steps below to reset the admin password.Log in to your Compute Instance over SSH. See Connecting to a Remote Server Over SSH for assistance.
Run the Wazuh Password reset tool that has been preloaded onto your instance in the root directory:
bash /root/wazuh-passwords-tool.sh -aAfter the tool finishes running, it outputs all of the new passwords for each system. Record these credentials.
You are now able to log in to your Wazuh instance with your new admin credentials.
Now that you’ve accessed your Wazuh instance, you need to configure a Wazuh Agent on the server you’d like to monitor with Wazuh.
For more documentation on Wazuh, check out the official Wazuh documentation to learn how to further utilize your instance.
NoteCurrently, Linode does not manage software and systems updates for Marketplace Apps. It is up to the user to perform routine maintenance on software deployed in this fashion.
More Information
You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.
This page was originally published on