Understanding and Remediating Wazuh Indexer Shard Exhaustion
In this blog I will walk you through the significance of index shards, confirming if you have maxed them out, and what to do about it if you have — both on the shorter and longer term.
Implementing a security monitoring system can often be complicated and a huge time investment. With Wazuh, you get an open-source integration of host-based intrusion detection, log analysis, and vulnerability management all in a single…
In this post, I’ll continue our exploration of integrating Suricata with Wazuh 4.9 by applying the setup to a practical security use case. We’ll use DVWA (Damn Vulnerable Web Application) as our attack target and tmNIDS as a testing and monitoring…
This lab documents a simple integration between Wazuh (SIEM) and Tines (SOAR).
Wazuh helps operationalize Zero Trust by serving as the visibility and control layer. It aggregates telemetry from endpoints, cloud workloads, and network devices, providing a unified view of user and system behavior.
In this guide, I will show you step by step how to upgrade Wazuh to a higher version in a multinode deployment architecture. In this example, I have two Wazuh instances — Master and Worker.
This tutorial walks you through setting up a complete Wazuh lab using virtual machines.
This guide offers a step-by-step, technically grounded approach to fine-tuning the module for accuracy, performance, and operational efficiency, based on the latest Wazuh 4.13.x documentation and changelogs.