Remotely Upgrading Wazuh Agents – CLI Method

This entry is part 1 of 5 in the series Wazuh - SIEM and XDR

To upgrade agents using the command line, use the agent_upgrade tool as follows:

List all the agents with outdated software:

[root@wazuh-server wazuh-user]# /var/ossec/bin/agent_upgrade -l
ID    Name                                Version
001   zyberpatrol-pdc                     Wazuh v4.7.1

Upgrade the agent with ID 001 using the ‘-a’ parameter followed by the agent ID:

[root@wazuh-server wazuh-user]# /var/ossec/bin/agent_upgrade -a 001
Upgrading…
Upgraded agents:
      Agent 001 upgraded: Wazuh v4.7.1 … Read more

Adversary emulation with Caldera and Wazuh: Part 02

This entry is part 2 of 5 in the series Wazuh - SIEM and XDR

Deploy Agents on Linux machines

2 Windows and 1 Linux agents

Configure Sysmon

We configure the agent to capture Sysmon events by adding the following settings to the agent configuration file in “C:\Program Files (x86)\ossec-agent\ossec.conf”

Restart the Wazuh agent after modifying the agent configuration file.

Detection using Wazuh

The attacks against the Linux agent … Read more