Video

I am running Hyper-V server, CPU i9 and 64Gigs of ram. It's just a workstation with Windows 2022 installed.

Glad it helped

Very welcome!

Not sure I understand, but you should be able to ssh into the box or use the Wazuh interface. What other tool are you wanting to integrate?

I will be focusing on more Wazuh videos moving forward.

You're very welcome!

Glad it helped!

Are you running a firewall on your linux machine? You might check if UFW is running. run "sudo ufw status" to check if the firewall is enabled and "sudo ufw disable" to turn it off.

@@unreal-labs I checked and it showed inactive. I just dont know why i cant add agent on my server. I do follow every instruction, but my authen key just doesnt show up. Could you help me with this pls

I am not sure, let me do some research. Still not finding a good way to get the report into a pdf format. Maybe creating a custom report. Not ideal.

Wazuh email alerts do not support SMTP servers with authentication such as Gmail. You will need to setup a server relay, like Postfix to send these emails. I have linked to a Wazuh documentation page. documentation.wazuh.com/current/user-manual/manager/manual-email-report/smtp-authentication.html I use a local Postfix instance to send alerts, at other places I have used IIS SMTP to forward alerts to Office365 or Gmail. Thanks for the comment!

@@unreal-labs Thanks a ton!!

Glad you liked the video!

Glad it was helpful!

Glad you like them!

Not yet! But it's my next video after the SMB Network series.

The config.yml file should be in the wazuh-install-files.tar that was downloaded, but glad you got around it. Thanks for the comment!

Those are great ideas for new content. Let me see what I can get done. Thanks for the comment and suggestions.

I have seen this when the gui package update manager is running. You might run all the missing updates for your distro and try again.

You are welcome, glad to help!

Sure nice to have in the winter! Helps warm the office up.

Yes, you can load another running-config or startup-config into a new switch either by TFTP, FTP, or SCP. You might need to change some interface names if those do not match on the new switch. You will also want to verify that your new switch still supports older commands. Another great video idea! You can also just past the config in from a text file, but I do prefer coping it via TFTP or FTP.

Thanks for the comment! That's a good idea for some more videos!

Nice job Andy

Thanks for the question, the Wazuh server does not need an agent. You in need an agent in servers or computers you want to monitor. There is agentless monitoring if you need that also.

Thanks for the comment. I have experienced this issue also, you might try looking over this article on Reddit. www.reddit.com/r/Wazuh/comments/17nlhed/wazuh_dashboard_server_is_not_ready_yet_resolved/ I have also experienced the same issue running Wazuh on Ubuntu and updating the OS fixed my issue. Running the below command will update/upgrade your Ubuntu install, please use caution. "sudo apt update && sudo apt upgrade -y" Let me know if this helps...

Hello, thank you for your response, but that didn't help me. :( @@unreal-labs

Hi, I think you don't have wazuh-manager. It is the problem. Indexer and dashboard without wazuh-mamager is kind of useless.

I agree a diagram would have made the content clearer. Thanks!

Thanks for you comment......

Glad you found the video helpful!

@@unreal-labs Question. I am finding that I can't reach the wazuh server from a different endpoint. They live in the same network. How can I start troubleshooting this issue? So far I have not found any information regarding this issue.

@@victorrosa2879 Can your endpoint Ping your Wazuh server? I would also check your Default Gateways are correct on the Wazuh server and the endpoint. I always like to start with basic communication troubleshooting and then move on up the OSI model. You might also have a firewall active if you are using Linux for the OS on the Wazuh server. You can disable it using this command. sudo ufw disable. Hope this helps.

​@@unreal-labs Yes I can ping both, the server and the end point. As far as the gateway, they both belong to the same subnet but also for the server I have a reservation for it's IP. I also deactivate the FW in both Linux server Cent'OS (aka Rocky 8) and my windows device. Still was not able to reach the dashboard. Could SE linux be the culprit?

@@unreal-labs Yes, is a firewalld and SELINUX issue. Discovered by disabling both services in the server side only. What rules should I place to allow the correct comunication?

Glad it helped!

Glad you found my channel, I would be happy to help on your journey! Please feel free to ask questions if I can answer them I would be happy too!

Thanks for comment, I will put those on the list. I have not done a Wazuh cluster, so that should be fun to build out.

In my experience, I've encountered various situations. At times, I've faced audit requirements. In other instances, I've dealt with infected PCs that couldn't be shut down or cleaned up immediately due to the need to maintain a crucial process or service. Sometimes, my task was simply to block PC-to-PC traffic over an IPsec tunnel. Regardless of the situation, I always prioritize running with the least privilege when setting up communications.

@@unreal-labs i have started my ccna journy in September from youtube Turtiols and the one thing i struggle with is what would be a real-world scenario to implaint things like why would some use RIP protocol over OSPF even thought RIP has alot of disadvantages

@@mohamedadel-tw8sf I would pick RIPv2 when I need just a simple and fast routing protocol in a small network. OSPF is definitely more complex. RIP is also kept around for legacy systems. Glad you're making your CCNA happen!

Great, have fun!

Sure thing!

Much appreciated!

You bet!

Thanks for the comment, I will be releasing more flash cards in the next coming days. I also used the book CCNA Flash Cards when I was studying for my CCNA.

Glad you got it figured out. I have also seen issues with MD5 when using VTP v3.

We will! Thanks for the comment.

Also, awesome video!

Thanks for watching, I use a program call MobaXterm. They do have a free client, but I currently use the paid version. Here is the link if your interested mobaxterm.mobatek.net/

I will try and make the fonts bigger in the console. Thanks for the comment!

I will add that to my list.