Wazuh Agentless Monitoring for Windows Server
371 views
Skip to first unread message
Kazim Koybasi
May 7, 2018, 7:41:19 AM5/7/18
to Wazuh mailing list
Hello All,
We take an advice from one security superviser that taking logs from windows server with wmi feature would be more useful. However when I look for information about agentless monitoring there are not so much information. Is it sensible to take logs from Windows Server with wmi based solution?
Thanks for reading.
Best Regards,
We take an advice from one security superviser that taking logs from windows server with wmi feature would be more useful. However when I look for information about agentless monitoring there are not so much information. Is it sensible to take logs from Windows Server with wmi based solution?
Thanks for reading.
Best Regards,
Cristóbal López
May 17, 2018, 6:34:25 AM5/17/18
to Wazuh mailing list
Hi Kazim,
The agentless function is designed to collect logs of equipment that cannot be installed with an agent, such as routers or switches. It is similar to collecting logs through syslog.
In the case of a Windows host, the best solution is to install a Wazuh agent, which can extract logs in real time from files or the Event Channel. Furthermore, with Wazuh's MSI installer, you can automate agent deployment and run agents in a single step.
Best regards,
Cristobal Lopez.
The agentless function is designed to collect logs of equipment that cannot be installed with an agent, such as routers or switches. It is similar to collecting logs through syslog.
In the case of a Windows host, the best solution is to install a Wazuh agent, which can extract logs in real time from files or the Event Channel. Furthermore, with Wazuh's MSI installer, you can automate agent deployment and run agents in a single step.
Best regards,
Cristobal Lopez.
Kazim Koybasi
May 22, 2018, 3:28:42 PM5/22/18
to Wazuh mailing list
Hello Cristóbal,
Thanks for your answer. As I understand It is best solution to use wazuh-agent if It is avaliable for specific platform.
Best regards.
Reply all
Reply to author
Forward
0 new messages