Agentless monitoring without SSH or forwarding

Joaquim António

unread,

Jun 12, 2023, 12:26:30 PM6/12/23

to Wazuh mailing list

Hello Wazuh team,

Is it possible to monitor agentless devices that don't support SSH without using a forwarder host with a wazuh agent? Basically I would like the manager to receive syslog directly from the devices. I so, how can that be acomplished?

Thank you for your help.

Kind regards,

Joaquim Antonio

Lenin Guerrero

unread,

Jun 12, 2023, 12:38:04 PM6/12/23

to Joaquim António, Wazuh mailing list

Hi Joaquim,

Let me understand, You want to send logs from maybe cisco router, firewall devices, right?.

Best regard.s

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/d94fd6e8-270b-48f3-89ae-3505906bff16n%40googlegroups.com.

--

Lenin Guerrero
Mobile Phone Number:+593 98 232 0150
Threema ID: KUEEA9W8

Nicolas Alejandro Bertoldo

unread,

Jun 12, 2023, 2:54:38 PM6/12/23

to Wazuh mailing list

Hi Joachim,

Thank you for using Wazuh!

The two ways you have to monitor an agentless device are:

1. You can set up the devices to send logs to Wazuh via rsyslog: Remote Syslog
You could setup devices to send syslog’s to the wazuh manager or another agent. If you have multiple sites you can an agent from each site setup to receive syslog for local devices and then send to wazuh.

2. Alternatively, you can set up devices to be monitored agentless: Agentless monitoring

I hope this helps you. Let me know if you have any further questions!
Regards

Reply all

Reply to author

Forward