Wazuh Migration

[Mohand-said Chalal]

Hello Wazuh Community,

I am currently running a Wazuh deployment using the official Docker multi-node architecture (manager master + worker, 3 indexer nodes, dashboard, Nginx reverse proxy).

I would like to migrate the entire infrastructure to a new server and I am looking for best practices regarding:

1. Migrating the Wazuh manager and indexer data without losing alerts, agents, or historical data.

2. Handling agent reconnection when the manager IP address changes (DNS usage, certificates, or configuration changes).

3. Any official or community-recommended migration procedure for Docker-based production environments.

My goal is to perform this migration with minimal downtime and without redeploying all agents manually if possible.

Thank you in advance for your guidance.

Best regards,

Mohand, 

[Diego Cappri]

Hi Mohand,

this is the official documentation for backup/restore: https://documentation.wazuh.com/current/migration-guide/

It covers the supported way to migrate a Wazuh environment without losing agents, alerts, or historical data, and it also applies to Docker-based production setups.

For your set up it is recommended for manager data to use the official backup/restore procedure (master + workers) and make sure all Docker volumes are preserved. Keep the same Wazuh version on the new server, for Indexer data you must migrate historical data using index snapshots and restore. Regarding agents, please avoid manager IPs, use a DNS name or load balancer/VIP so agents can reconnect automatically after the move. Once tested, you will need to prepare the new environment in advance and plan a short maintenance window for the final backup and restore.

Regards.

Diego.