Monitoring Vmware esxi to wazuh
678 views
Skip to first unread message
Jenny Zambrano
Oct 23, 2023, 4:40:48 PM10/23/23
to Wazuh | Mailing List
Hi
Best regards
I need to monitor vmware esxi servers with wazuh, I have wazuh manager. I tried the wazuh documentation, but I have not had favorable results
Can you help me with the step by step
Can you help me with the step by step
Best regards
Jenny
Mauricio Ruben Santillan
Oct 23, 2023, 5:21:54 PM10/23/23
to Wazuh | Mailing List
Hello Jenny,
You can find this procedure fully documented here: https://wazuh.com/blog/monitoring-vmware-esxi-with-wazuh/
According to the document, in order to ingest VMware ESXi events, basically you need to:
- Configure your VMware ESXi to forward events via syslog to a Wazuh agent of yours
- Configure such Wazuh agent to receive syslog traffic and to forward the resulting traffic to your Wazuh manager
- Add related custom decoders and rules to your Wazuh manager so it can create alerts from your events.
The provided document explains how to configure syslog ingestion into a Linux Wazuh Agent of yours. You could also use a Windows endpoint (by installing Logstash to it)
as explained here.
I hope this helps. Let me know how it goes.
Tiago Teixeira
Dec 30, 2024, 10:00:47 AM12/30/24
to Wazuh | Mailing List
Hello,
Do you know if is possible to bypass the ubuntu agent and send the logs directly to the wazuh? As we do with a firewall...
Thanks in advance
Tedew
Oct 23, 2025, 2:30:30 AM10/23/25
to Wazuh | Mailing List
Hello,
I also ask :)
" Possible to bypass the ubuntu agent and send the logs directly to the wazuh? " ???
Thanks
" Possible to bypass the ubuntu agent and send the logs directly to the wazuh? " ???
Thanks
Reply all
Reply to author
Forward
0 new messages