{"id":342,"date":"2024-01-22T09:29:56","date_gmt":"2024-01-22T09:29:56","guid":{"rendered":"https:\/\/harrisonjonesit.co.uk\/?p=342"},"modified":"2025-03-26T09:13:30","modified_gmt":"2025-03-26T09:13:30","slug":"elementor-342","status":"publish","type":"post","link":"https:\/\/harrisonjonesit.co.uk\/?p=342","title":{"rendered":"Wazuh SIEM"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"342\" class=\"elementor elementor-342\">\n\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-86ec8b9 e-flex e-con-boxed e-con e-parent\" data-id=\"86ec8b9\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-621211f elementor-widget elementor-widget-heading\" data-id=\"621211f\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.18.0 - 20-12-2023 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">Wazuh SIEM <\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-fb6de43 e-flex e-con-boxed e-con e-parent\" data-id=\"fb6de43\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-f16a02d elementor-widget elementor-widget-text-editor\" data-id=\"f16a02d\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.18.0 - 20-12-2023 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p>After discussing an upcoming project in work, I decided to build my own SIEM using Wazuh, which is a free, open-source security tool that can monitor agents and servers giving you full visibility of events and vulnerabilities on those clients.\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-34f74d3 e-flex e-con-boxed e-con e-parent\" data-id=\"34f74d3\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-676264f elementor-widget elementor-widget-image\" data-id=\"676264f\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.18.0 - 20-12-2023 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"750\" height=\"325\" src=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/linodee-1024x444.png\" class=\"attachment-large size-large wp-image-346\" alt=\"\" srcset=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/linodee-1024x444.png 1024w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/linodee-300x130.png 300w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/linodee-768x333.png 768w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/linodee-1536x667.png 1536w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/linodee.png 1742w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-6dc9b96 e-flex e-con-boxed e-con e-parent\" data-id=\"6dc9b96\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-d5591c2 elementor-widget elementor-widget-text-editor\" data-id=\"d5591c2\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Firstly, I created an Ubuntu Linux machine on Linode in order to host the application. You can create machines with certain apps pre-installed on them and Wazuh was on the list of the available apps. 
If installing locally, you can just run a command that is available in their documentation (<a href=\"https:\/\/documentation.wazuh.com\/current\/installation-guide\/wazuh-server\/step-by-step.html\">Installing the Wazuh server step by step &#8211; Wazuh server<\/a>).<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-eadb76e e-flex e-con-boxed e-con e-parent\" data-id=\"eadb76e\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-705f381 elementor-widget elementor-widget-text-editor\" data-id=\"705f381\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Once up and running, I was able to log in to the server via SSH from my local machine and obtain the credentials by navigating to the &#8216;secret passwords&#8217; directory. To find this directory, just run &#8216;ls -all&#8217; to confirm the directory name, 
then &#8216;cat-secret passwords&#8217;.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-c8165df e-flex e-con-boxed e-con e-parent\" data-id=\"c8165df\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e4ebb01 elementor-widget elementor-widget-text-editor\" data-id=\"e4ebb01\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><img decoding=\"async\" src=\"http:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/agentss-150x150.png\" alt=\"\" width=\"150\" height=\"150\" class=\"alignleft size-thumbnail wp-image-351\" \/>Now you will be able to log in via the browser using the reverse DNS; for Linode this is found under the main info of the machine. This is where we can add agents and begin the actual fun. Fill in the information it asks for about the machine and it will provide you with a line of code to input to install the agent. This can be done locally or through an RMM for mass deployment. For my demo, 
I only have 1 machine so I just deployed it on 1 agent, locally.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-848006a e-flex e-con-boxed e-con e-parent\" data-id=\"848006a\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-149da9f elementor-widget elementor-widget-text-editor\" data-id=\"149da9f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Once installed and running, events will start to appear. Please note that to enable vulnerability detection, it must be turned on via the management console; this can also be found in the documentation.\u00a0\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1fbd398 elementor-widget elementor-widget-image-gallery\" data-id=\"1fbd398\" data-element_type=\"widget\" data-widget_type=\"image-gallery.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.18.0 - 20-12-2023 *\/\n.elementor-image-gallery .gallery-item{display:inline-block;text-align:center;vertical-align:top;width:100%;max-width:100%;margin:0 auto}.elementor-image-gallery .gallery-item img{margin:0 auto}.elementor-image-gallery .gallery-item .gallery-caption{margin:0}.elementor-image-gallery figure img{display:block}.elementor-image-gallery figure figcaption{width:100%}.gallery-spacing-custom .elementor-image-gallery .gallery-icon{padding:0}@media (min-width:768px){.elementor-image-gallery .gallery-columns-2 .gallery-item{max-width:50%}.elementor-image-gallery .gallery-columns-3 .gallery-item{max-width:33.33%}.elementor-image-gallery .gallery-columns-4 .gallery-item{max-width:25%}.elementor-image-gallery .gallery-columns-5 .gallery-item{max-width:20%}.elementor-image-gallery .gallery-columns-6 .gallery-item{max-width:16.666%}.elementor-image-gallery .gallery-columns-7 .gallery-item{max-width:14.28%}.elementor-image-gallery .gallery-columns-8 .gallery-item{max-width:12.5%}.elementor-image-gallery .gallery-columns-9 .gallery-item{max-width:11.11%}.elementor-image-gallery .gallery-columns-10 .gallery-item{max-width:10%}}@media (min-width:480px) and (max-width:767px){.elementor-image-gallery .gallery.gallery-columns-2 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-3 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-4 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-5 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-6 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-7 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-8 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-9 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-10 .gallery-item{max-width:50%}}@media (max-width:479px){.elementor-image-gallery .gallery.gallery-columns-2 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-3 
.gallery-item,.elementor-image-gallery .gallery.gallery-columns-4 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-5 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-6 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-7 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-8 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-9 .gallery-item,.elementor-image-gallery .gallery.gallery-columns-10 .gallery-item{max-width:100%}}<\/style>\t\t<div class=\"elementor-image-gallery\">\n\t\t\t\n\t\t<style type=\"text\/css\">\n\t\t\t#gallery-1 {\n\t\t\t\tmargin: auto;\n\t\t\t}\n\t\t\t#gallery-1 .gallery-item {\n\t\t\t\tfloat: left;\n\t\t\t\tmargin-top: 10px;\n\t\t\t\ttext-align: center;\n\t\t\t\twidth: 50%;\n\t\t\t}\n\t\t\t#gallery-1 img {\n\t\t\t\tborder: 2px solid #cfcfcf;\n\t\t\t}\n\t\t\t#gallery-1 .gallery-caption {\n\t\t\t\tmargin-left: 0;\n\t\t\t}\n\t\t\t\/* see gallery_shortcode() in wp-includes\/media.php *\/\n\t\t<\/style>\n\t\t<div id='gallery-1' class='gallery galleryid-342 gallery-columns-2 gallery-size-2048x2048'><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-slideshow=\"1fbd398\" data-elementor-lightbox-title=\"dashboard w\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MzU5LCJ1cmwiOiJodHRwczpcL1wvaGFycmlzb25qb25lc2l0LmNvLnVrXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvZGFzaGJvYXJkLXcucG5nIiwic2xpZGVzaG93IjoiMWZiZDM5OCJ9\" href='https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/dashboard-w.png'><img decoding=\"async\" width=\"1876\" height=\"929\" src=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/dashboard-w.png\" class=\"attachment-2048x2048 size-2048x2048\" alt=\"\" srcset=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/dashboard-w.png 1876w, 
https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/dashboard-w-300x149.png 300w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/dashboard-w-1024x507.png 1024w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/dashboard-w-768x380.png 768w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/dashboard-w-1536x761.png 1536w\" sizes=\"(max-width: 1876px) 100vw, 1876px\" \/><\/a>\n\t\t\t<\/dt><\/dl><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-slideshow=\"1fbd398\" data-elementor-lightbox-title=\"vuln scanner\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MzYwLCJ1cmwiOiJodHRwczpcL1wvaGFycmlzb25qb25lc2l0LmNvLnVrXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvdnVsbi1zY2FubmVyLnBuZyIsInNsaWRlc2hvdyI6IjFmYmQzOTgifQ%3D%3D\" href='https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/vuln-scanner.png'><img loading=\"lazy\" decoding=\"async\" width=\"1796\" height=\"870\" src=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/vuln-scanner.png\" class=\"attachment-2048x2048 size-2048x2048\" alt=\"\" srcset=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/vuln-scanner.png 1796w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/vuln-scanner-300x145.png 300w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/vuln-scanner-1024x496.png 1024w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/vuln-scanner-768x372.png 768w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/vuln-scanner-1536x744.png 1536w\" sizes=\"(max-width: 1796px) 100vw, 1796px\" \/><\/a>\n\t\t\t<\/dt><\/dl><br style=\"clear: both\" \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-e961cf9 e-flex e-con-boxed e-con e-parent\" 
data-id=\"e961cf9\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-955d4fb elementor-widget elementor-widget-text-editor\" data-id=\"955d4fb\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The dashboard is really clean and it&#8217;s easy to navigate between events, recommendations, CVEs, etc. You can also edit the config file to do exactly what you want. You can set up email or Slack alerts, block or allow certain addresses and much more. I would strongly suggest going over the documentation to see all the possibilities of what this can do. For my project, I created a Slack alert and also an active response rule to block remote connections trying to use a non-existent user, as an example.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-ce6d99d e-flex e-con-boxed e-con e-parent\" data-id=\"ce6d99d\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-ce9c348 elementor-widget elementor-widget-image-gallery\" data-id=\"ce9c348\" data-element_type=\"widget\" data-widget_type=\"image-gallery.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-gallery\">\n\t\t\t\n\t\t<style type=\"text\/css\">\n\t\t\t#gallery-2 {\n\t\t\t\tmargin: auto;\n\t\t\t}\n\t\t\t#gallery-2 .gallery-item {\n\t\t\t\tfloat: left;\n\t\t\t\tmargin-top: 10px;\n\t\t\t\ttext-align: center;\n\t\t\t\twidth: 50%;\n\t\t\t}\n\t\t\t#gallery-2 img {\n\t\t\t\tborder: 2px solid #cfcfcf;\n\t\t\t}\n\t\t\t#gallery-2 .gallery-caption 
{\n\t\t\t\tmargin-left: 0;\n\t\t\t}\n\t\t\t\/* see gallery_shortcode() in wp-includes\/media.php *\/\n\t\t<\/style>\n\t\t<div id='gallery-2' class='gallery galleryid-342 gallery-columns-2 gallery-size-medium'><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-slideshow=\"ce9c348\" data-elementor-lightbox-title=\"active response rule\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MzYxLCJ1cmwiOiJodHRwczpcL1wvaGFycmlzb25qb25lc2l0LmNvLnVrXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvYWN0aXZlLXJlc3BvbnNlLXJ1bGUucG5nIiwic2xpZGVzaG93IjoiY2U5YzM0OCJ9\" href='https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/active-response-rule.png'><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"223\" src=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/active-response-rule-300x223.png\" class=\"attachment-medium size-medium\" alt=\"\" srcset=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/active-response-rule-300x223.png 300w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/active-response-rule.png 540w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a>\n\t\t\t<\/dt><\/dl><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-slideshow=\"ce9c348\" data-elementor-lightbox-title=\"slack\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MzYyLCJ1cmwiOiJodHRwczpcL1wvaGFycmlzb25qb25lc2l0LmNvLnVrXC93cC1jb250ZW50XC91cGxvYWRzXC8yMDI0XC8wMVwvc2xhY2sucG5nIiwic2xpZGVzaG93IjoiY2U5YzM0OCJ9\" href='https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/slack.png'><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"46\" src=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/slack-300x46.png\" class=\"attachment-medium size-medium\" alt=\"\" 
srcset=\"https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/slack-300x46.png 300w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/slack-1024x156.png 1024w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/slack-768x117.png 768w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/slack-1536x234.png 1536w, https:\/\/harrisonjonesit.co.uk\/wp-content\/uploads\/2024\/01\/slack.png 1626w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a>\n\t\t\t<\/dt><\/dl><br style=\"clear: both\" \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-a86d0b2 e-flex e-con-boxed e-con e-parent\" data-id=\"a86d0b2\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-813f15a elementor-widget elementor-widget-text-editor\" data-id=\"813f15a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Overall, this is a great tool and the fact it is open-source means it can be a great learning tool for anyone wanting to get visibility of what a security tool looks like. The possibilities are limitless and I didn&#8217;t find any cutbacks compared to the enterprise-level SIEMs I have used in the past. This tool can be used to practice many different cyber roles such as vulnerability management, incident response, remediation and patching, to name a few. 
I strongly recommend setting up one of these environments for your own labs, and also looking to implement one in a business-level scenario.\u00a0\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-25f8b3b elementor-widget elementor-widget-text-editor\" data-id=\"25f8b3b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-e3bca42 e-flex e-con-boxed e-con e-parent\" data-id=\"e3bca42\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Wazuh SIEM After discussing an upcoming project in work, I decided to build my own SIEM using Wazuh, which is a free, open-source security tool that can monitor agents and servers giving you full visibility of events and vulnerabilities on those clients.\u00a0 Firstly, I created an Ubuntu Linux machine on 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/342"}],"collection":[{"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=342"}],"version-history":[{"count":21,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/342\/revisions"}],"predecessor-version":[{"id":374,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/342\/revisions\/374"}],"wp:attachment":[{"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=342"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=342"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harrisonjonesit.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=342"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}