Can I use Wazuh as a SIEM for everything?

[Ricardo Martinez]

I'm starting to use Wazuh and everything is going well but i a have a question. In my company we have a lot of servers that we used for virtualization:

Dell ECS

Avamar

Dell Data Domain

Veem

And routers, firewall, switches, etc... Some of them Fortinet, Cisco, Dell, Mellanox.

My question is: I want to use Wazuh as a SIEM, but in the faqs I can only see that I can configure as a syslog for all of them, but I can't see a configuration or something that could help me for the module of vulnerabilities scan. If there is an option for each server o networking equipment so I can configure to check the vulnerabilities or can I scan a network segment for example 192.168.x.x/24 like Nessus?

Thanks for the help.

[Jeremiah Kolawole]

Hello Ricardo,

From the description of the use case, you can achieve this by configuring and running scans with the vulnerability detection components as described here or by enabling the Nmap integration and scanning for different parameters as described here.

I hope this helps.

Regards