Wazuh with Amazon Elasticsearch Service


Javier Vivanco

Aug 9, 2018, 4:25:40 PM
to Wazuh mailing list
Hello, everyone. How are you?

It's my first time in this group.
I'm doing a Wazuh installation and I think it's a great tool.
I wanted to ask you about using AWS Elasticsearch Service.
Amazon provides Elasticsearch v6.2.3.
Is it possible to use Wazuh manager v3.4 with ES 6.2.3?
Should I keep something in mind with the use of this amazon service?
What is your experience using it?

Thank you very much for your time.

Javier Vivanco

Jose Luis Ruiz

Aug 9, 2018, 5:52:43 PM
to Javier Vivanco, Wazuh mailing list
Hi Javier

Yes, it is possible. The only restriction that Wazuh has with Elastic is in the version of the plugin that is necessary to use the visual interface.

Because you are using the AWS Elasticsearch Service, you don't have the option to install the Wazuh plugin, but you can always send the alerts to Elasticsearch and then filter the alerts, create your own dashboards, etc.

I hope it helps.

-- 
Jose Luis Ruiz
@jlruizmlg
--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To post to this group, send email to wa...@googlegroups.com.
Visit this group at https://groups.google.com/group/wazuh.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/76f3fbd8-a734-4a49-a64a-abfd957bd4a9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Santiago Bassett

Aug 9, 2018, 6:03:57 PM
to Jose Luis Ruiz, Javier Vivanco, Wazuh mailing list
I believe it is also possible to run Kibana in a different instance. This means the Wazuh Kibana plugin can be used too.

Santiago Bassett
@santiagobassett

lu...@kuhlu.com

Aug 11, 2018, 5:41:21 PM
to Wazuh mailing list
Yes, you can set up Kibana on its own instance and connect to AWS ES.

One other note about AWS ES: you can't install Logstash on the AWS ES service, so you might also need to put Logstash on its own instance.