Day 24 – SIEM Setup: Install and configure Wazuh
Objective: Set up a Wazuh SIEM server on a Linux VM. Learn to install the Wazuh manager, indexer (OpenSearch), and dashboard.
Challenge Description: As a SOC analyst, you need a centralized SIEM to collect and analyze logs. In this challenge, you will install Wazuh on an Ubuntu VM to act as your SIEM platform. Wazuh is an open-source security monitoring solution (originally a fork of OSSEC[1]) that provides SIEM and XDR capabilities[2]. After installation, the Wazuh manager will accept data from agents, store it in the indexer, and display alerts in the dashboard.
Tools: Ubuntu/Debian Linux VM
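Once the manager, indexer, and dashboard are installed, a quick post-install check confirms that each one is running and listening. The script below is an added example, not part of the original challenge; it assumes a single-node install that keeps Wazuh's default ports (1514, 1515, 55000, 9200, 443) and the standard systemd unit names, and the sample `ss` output in it is constructed.

```shell
#!/bin/sh
# Post-install check for a single-node Wazuh server (added example).
# Assumption: default ports are unchanged; edit WAZUH_PORTS if yours differ.

# component:port pairs, using Wazuh's default port assignments
WAZUH_PORTS="manager-agents:1514 manager-enrollment:1515 manager-api:55000 indexer:9200 dashboard:443"

# Reads `ss -ltn` output on stdin and prints every component whose port has
# no TCP listener. Returns 0 when all ports are listening, 1 otherwise.
missing_listeners() {
    local listening pair name port rc=0
    # Field 4 is "Local Address:Port"; the port is the text after the last ':'
    # (this also handles IPv6 forms such as [::]:443).
    listening=$(awk '$1 == "LISTEN" { n = split($4, a, ":"); print a[n] }')
    for pair in $WAZUH_PORTS; do
        name=${pair%%:*}
        port=${pair##*:}
        if ! printf '%s\n' "$listening" | grep -qx "$port"; then
            echo "$name:$port"
            rc=1
        fi
    done
    return $rc
}

# Live check: service state from systemd, then listeners from ss.
check_live() {
    for svc in wazuh-manager wazuh-indexer wazuh-dashboard; do
        systemctl is-active --quiet "$svc" || echo "service not active: $svc"
    done
    ss -ltn | missing_listeners
}

# Constructed sample: manager and indexer are up, the dashboard is not.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port       Peer Address:Port
LISTEN 0      128    0.0.0.0:1514             0.0.0.0:*
LISTEN 0      128    0.0.0.0:1515             0.0.0.0:*
LISTEN 0      128    0.0.0.0:55000            0.0.0.0:*
LISTEN 0      4096   [::ffff:127.0.0.1]:9200  *:*'

# Run against the real host only when asked: sh check_wazuh.sh live
if [ "${1:-}" = "live" ]; then
    check_live
fi
```

Any line it prints names a component that still needs attention; no output and exit status 0 means all three components are up.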