Pushing wazuh clients to multiple windows clients at once

605 views
Skip to first unread message

Krishna

unread,
May 22, 2020, 5:33:30 AM5/22/20
to Wazuh mailing list
Hello,
Is there a way to push wazuh agentS to multiple windows systems at once .

I read an article where we can do the configuration on wazuh server and then add a single line command on windows system cmd. But I want to know if there is a way to install agents without working on end user machine at all.

Thanks in advance

Eva Lopez

unread,
May 22, 2020, 11:50:11 AM5/22/20
to Wazuh mailing list

Hello,

Exist two alternatives to provisioning Windows agent:

  • Using Windows GPO. To do it, you can follow this article: Deploying Wazuh agent using Windows GPO
  • Using Ansible and our wazuh-ansible repo. To do it,
    • Install Ansible and clone the wazuh-ansible repo
    • Create hosts file which contains the IPs of the machines.
    • Run playbook using the agent role and using as target the group name.

You can read more in our documentation: Deploying with ansible

I hope it helps you.

Best regards,
Eva

Eva Lopez

unread,
May 28, 2020, 5:21:39 AM5/28/20
to Sai Krishna, Wazuh mailing list

Hello Krishna,

Regarding your question about how to register all the agents, the guides I sent you have a manager registration process but, if you have installed the agents and they aren’t registered, you can create a script to execute in windows machines using Ansible. You can follow the Ansible documentation.

The Windows agent Wazuh directory is C:\Program Files (x86)\ossec-agent. Here, you will find the binary agent-auth.
Executing it in PowerShell as follow you can register the agent in the manager: agent-auth -m <ip_manager>
Note, the manager must have the binary ossec-auth running.
Then, you can restart the agent using the command: net start OssecSvc

I hope it helps you.

Best regards,
Eva


On Sun, May 24, 2020 at 12:05 AM Sai Krishna <kris...@gmail.com> wrote:
Hello Eva,

Could you also please help if there is a way to configure multiple wazuh agents automatically to wazuh manager.
I mean once we push silent installation of wazuh agents on windows clients i want the agents to auto register with wazuh manager (like without manually generating authentication key from manager For each agent and entering it into agent and adding manager ip in agent)

I am pretty new to this . So would require your support


--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/21bc6777-0d33-45d6-81ed-5ad231723810%40googlegroups.com.

Sai Krishna

unread,
May 28, 2020, 5:33:10 AM5/28/20
to Eva Lopez, Wazuh mailing list
Thank you Eva . It worked!!!

Eva Lopez

unread,
Jun 2, 2020, 3:18:43 AM6/2/20
to Wazuh mailing list
You are welcome!
I am glad I was useful.
Reply all
Reply to author
Forward
0 new messages