In Episode 9 of our cyber security virtual lab building series, we are going to install and explore the Wazuh Security Platform which is a SIEM (Security Incident & Event Management) platform, as well as its Linux and Windows XDR/EDR agents.
In this lab we will look at how to deploy the prebuilt Wazuh OVA image into Virtualbox, VMWare and Hyper-V and configure its static IP address connecting it to our lab network. We will then deploy Wazuh agents to our Ubuntu 20.04 server as well as our Windows 10 Pro desktop.
This video is the first addition to our Security Operations Center (SOC ) building series, so please don’t forget to turn on notifications so you can be immediately notified of future videos I will be publishing, next up is the installation of TheHive, MISP and Cortex so don’t miss it! If you have been enjoying this series so far, please don’t forget to like and subscribe!
Links used in this lab:
- https://wazuh.com/
- https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.hostclient.doc/GUID-8ABDB2E1-DDBF-40E3-8ED6-DC857783E3E3.html
- https://documentation.wazuh.com/current/deployment-options/virtual-machine/virtual-machine.html
Commands used in this lab:
ip add
sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0
Shift+ :wq (save and quit)
Sudo systemctl restart network