Wazuh is a free and open source security platform that unifies XDR and SIEM protection for endpoints and cloud workloads.
helm repo add wazuh-helm https://promptlylabs.github.io/wazuh-helm-chart/
helm repo updatehelm install [RELEASE_NAME] wazuh-helm/wazuhThe Helm Chart installs the following components:
- Wazuh Dashboard
- Wazuh Indexer
- Wazuh Manager (Master and Worker nodes)
HTTPS communication between components is enabled by default and set up using self-signed certificates, provided by cert-manager.
The ossec.conf file is the main configuration file on the Wazuh manager. It is created on the _helpers.tpl file and passed via values.yaml.
This configuration can be replaced, by setting a different value for wazuh.master.conf and waazuh.worker.conf in the values.yaml file. Or extra parameters can be appended to the configuration file by setting the wazuh.master.extraConf and wazuh.worker.extraConf values.
wazuh:
master:
conf: |
<ossec_config>
...
extraConf: |
...The Wazuh Indexer has 2 configuration files: opensearch and internalUsers. These files are created on the _helpers.tpl file and passed via values.yaml and can also be replaced by setting a different value for indexer.config.opensearch and indexer.config.internalUsers in the values.yaml file.
indexer:
config:
opensearch: |
...
internalUsers: |
...The Wazuh Dashboard has 1 configuration file. This file is created on the _helpers.tpl file and passed via values.yaml and can also be replaced by setting a different value for dashboard.config in the values.yaml file.
dashboard:
config: |
...Feel free to contact the maintainer of this repository for any questions or concerns. Contributions are encouraged and appreciated.