We need set up yara on wazuh agent or not
90 views
Skip to first unread message
Le Sok
Oct 29, 2023, 10:25:03 PM10/29/23
to Wazuh | Mailing List
Hello everyone,
I want to ask some questions about detecting malware using Yara, I just read about Yara they said we need to install Yara on Wazuh agent, so is it possible if I want to config Wazuh agent without config manual because I have a lot of endpoint Wazuh agent, so how can I config Yara on Wazuh agent with config manual on endpoint machine. please help me to solve this problem.
Best Regards
I want to ask some questions about detecting malware using Yara, I just read about Yara they said we need to install Yara on Wazuh agent, so is it possible if I want to config Wazuh agent without config manual because I have a lot of endpoint Wazuh agent, so how can I config Yara on Wazuh agent with config manual on endpoint machine. please help me to solve this problem.
Best Regards
Md. Nazmur Sakib
Oct 30, 2023, 12:46:51 AM10/30/23
to Wazuh | Mailing List
Hi Le Sok,
Hope you are doing well. Thank you for using Wazuh.
Unfortunately you have to install Yara in every agent's endpoint manually.
If you want to push it to all the agents in one go, and for that you need to create some custom script or use ansible/puppet or some outside tool to achieve this.
Check this document for details:
https://documentation.wazuh.com/current/proof-of-concept-guide/detect-malware-yara-integration.html
I hope this information helps.
Regards
Md. Nazmur Sakib
Reply all
Reply to author
Forward
0 new messages