Blog / Engineering / Managing multiple Wazuh clusters with Cross-Cluster Search
Cross-Cluster Search (CCS) in Wazuh allows alerts from remote Wazuh clusters to be queried and viewed at a centralized location. The centralized location, known as the Cross-Cluster Search (CCS) environment, is trusted by the remote Wazuh clusters, enabling it to perform search operations. This lets security alerts be seen via a single Wazuh dashboard at […]
Blog / Engineering / Searching for alerts using the Wazuh app for Kibana
Learn how you can use the search tools provided on the Wazuh app for Kibana, thanks to its integration with the Elastic Stack.
Blog / Engineering / Extending Wazuh detection with OpenSearch integration
Wazuh, as an open source unified XDR and SIEM platform, continuously offers diverse integration approaches with various data analysis and visualization solutions. We developed a new approach for integrating Wazuh and OpenSearch. OpenSearch is an open source search and analytics engine that provides a platform for managing and visualizing security data. Integrating Wazuh and OpenSearch […]
Blog / Engineering / Why does Wazuh need an Elasticsearch template?
In this post, we explain why Wazuh needs an Elasticsearch template, and you will learn the key concepts and benefits of using templates.
Blog / Engineering / Setting up Elasticsearch time-based indices
In this tutorial, you will learn how to configure the Elasticsearch indices used by the Wazuh app and change their creation frequency to weekly.
Blog / Engineering / Extending Wazuh detection with new integration methods for Splunk, OpenSearch, and Elastic Stack
Wazuh is an open source unified XDR and SIEM platform that offers compatibility and integration methods with other security platforms. Integrating Wazuh with other platforms enables you to flexibly manage Wazuh data and enhance your security monitoring approach. Wazuh integrates with other SIEM and XDR platforms such as Splunk and Elastic Stack. Previously, these integrations […]
Blog / Engineering / Monitoring AWS Managed Microsoft Active Directory with Wazuh
AWS Managed Microsoft Active Directory (AD) is an AWS Directory Service that provides users, businesses, and organizations different options to use Microsoft Active Directory (AD) with other AWS services. AWS Managed Microsoft AD stores information about users, groups, and devices, and system administrators use this Directory Service to manage access to this information. AWS Managed […]
Blog / Engineering / Filtering security data with the Wazuh Query Language
The Wazuh Query Language (WQL) simplifies security data filtering in the Wazuh dashboard with its user-friendly format. With the use of a specialized querying language like Wazuh Query Language, security analysts can analyze and query security log data, enabling effective detection and response to security threats. WQL provides a solution for navigating complex datasets, allowing […]
Blog / Engineering / Detecting vulnerabilities in container images using Amazon ECR and Wazuh
Amazon Elastic Container Registry (ECR) is an Amazon Web Services (AWS) managed container image registry service that stores, shares, and deploys container images. Amazon ECR provides an image scanning feature that uses the Common Vulnerabilities and Exposures (CVE) database from the open source Clair project to detect vulnerabilities in container images. AWS provides a template […]
Blog / Engineering / Wazuh integration with Amazon Security Lake as a custom source
Amazon Security Lake is a fully managed service that helps organizations aggregate, store, and analyze security data from various sources, such as AWS services, on-premises logs, and third-party SaaS applications. Security administrators can use AWS services like Athena to query the security data, which gives them insight into potential threats and vulnerabilities across an organization’s […]
Use cases / Threat Hunting
With advanced threat hunting capabilities, security teams can stay proactive in identifying and eliminating emerging threats.
Blog / Engineering / Extending Wazuh detection with Splunk integration
Organizations require effective monitoring solutions that not only identify security issues and threats but also integrate with their existing infrastructure. Wazuh is an open source unified XDR and SIEM platform that offers integration approaches with other SIEM and XDR platforms such as Splunk. Integrating Wazuh and Splunk helps you combine the threat detection and security […]