Packetbeat and Wazuh

[Peter Santiago]

Can I integrate Packetbeat inputs into wazuh with any needed templates or modifications?

[Alberto Rodriguez]

Hello 

  Did you consider using Owlh? The Owlh project has a tested integration with Wazuh and I think that maybe can suit your use case. Packetbeat is an Elastic beat that directly sends information to Elasticsearch and both template's schemas are not compatible yet. Please take a look and let me know if this could work for you: https://documentation.owlh.net/en/0.17.0/main/OwlHScenarios.html#wazuh-integration

Regards, 

[Peter Santiago]

Thank you for your suggestion. I will take a closer look at Owlh integration