openscap configuration - wazuh documentation
335 views
Skip to first unread message
theresa mic-snare
Jun 11, 2017, 9:39:26 AM6/11/17
to Wazuh mailing list
hi guys,
why should it be set to disabled (on the manager) if I want to use it?
I just went over the openscap part of the wazuh documentation and found something that i didn't quite understand.
it says in the "basic usage" part
<wodle name="open-scap">
<disabled>yes</disabled>
why should it be set to disabled (on the manager) if I want to use it?
i remember a similar option for file-integrity monitoring where you can turn off the syscheck module.
is this set to disabled on purpose, if so why?
btw, i am now trying my luck with graylog since i cannot afford x-pack myself...but still want a decent amount of security on my wazuh-elastic environment :)
i will let you know how it turns out....i will also open-source any dashboards, extractors, and what not if it turns out to be succesful and of value!!
i will let you know how it turns out....i will also open-source any dashboards, extractors, and what not if it turns out to be succesful and of value!!
best,
theresa
0x2a
Jun 12, 2017, 5:10:22 AM6/12/17
to Wazuh mailing list
Hi,
IIRC this was related to https://github.com/wazuh/wazuh/issues/64, since
openscap-scanner is an external dependency.
for elasticsearch security, I highly recommend looking at Search Guard
(https://floragunn.com/
https://floragunncom.github.io/search-guard-docs/quickstart.html), the
features included in the community edition should cover most
requirements.
If you use the ELK stack, there is a kibana app
(https://github.com/wazuh/wazuh-kibana-app), which automatically
installs dashboards, etc
regards,
0x2a
> --
> You received this message because you are subscribed to the Google
> Groups "Wazuh mailing list" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to wazuh+un...@googlegroups.com.
> To post to this group, send email to wa...@googlegroups.com.
> Visit this group at https://groups.google.com/group/wazuh.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/wazuh/5f556a88-c5a7-454c-ab50-bebe1a21a2b8%40googlegroups.com
> [1].
> For more options, visit https://groups.google.com/d/optout.
>
>
> Links:
> ------
> [1]
> https://groups.google.com/d/msgid/wazuh/5f556a88-c5a7-454c-ab50-bebe1a21a2b8%40googlegroups.com?utm_medium=email&utm_source=footer
IIRC this was related to https://github.com/wazuh/wazuh/issues/64, since
openscap-scanner is an external dependency.
for elasticsearch security, I highly recommend looking at Search Guard
(https://floragunn.com/
https://floragunncom.github.io/search-guard-docs/quickstart.html), the
features included in the community edition should cover most
requirements.
If you use the ELK stack, there is a kibana app
(https://github.com/wazuh/wazuh-kibana-app), which automatically
installs dashboards, etc
regards,
0x2a
> You received this message because you are subscribed to the Google
> Groups "Wazuh mailing list" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to wazuh+un...@googlegroups.com.
> To post to this group, send email to wa...@googlegroups.com.
> Visit this group at https://groups.google.com/group/wazuh.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/wazuh/5f556a88-c5a7-454c-ab50-bebe1a21a2b8%40googlegroups.com
> [1].
> For more options, visit https://groups.google.com/d/optout.
>
>
> Links:
> ------
> [1]
> https://groups.google.com/d/msgid/wazuh/5f556a88-c5a7-454c-ab50-bebe1a21a2b8%40googlegroups.com?utm_medium=email&utm_source=footer
Jesus Linares
Jun 12, 2017, 6:15:13 AM6/12/17
to Wazuh mailing list
Hi Theresa,
It is a typo in the documentation. OpenSCAP is an external dependency for that reason is disabled by default in the installation, but in case that you want to use it, of course you need to enable it.
Good luck with the security of your wazuh-elastic environment. Let us know what you get!.
Good luck with the security of your wazuh-elastic environment. Let us know what you get!.
Regards.
> an email to wazuh+unsubscribe@googlegroups.com.
Reply all
Reply to author
Forward
Message has been deleted
Message has been deleted
0 new messages