Wazuh Manager Post Installation Task

[Peter Wong]

Dear all forumer, I had installed Wazuh Manager on LAN PC and deploy wazuh agent on OPNSense router.

What I should doing in order to have a full functional wazuh event?

[Diego Guerrero]

Hello Peter

There are different approaches to send logs to Wazuh:

• You can use a OPNsense plugin to send the logs, please follow the guide provided on the website of OPNSense 

• You can send the logs to the Wazuh server, it can collect logs via syslog from endpoints such as firewalls, switches, routers, and other devices that don’t support the installation of Wazuh agents. Perform the steps described on the documentation

• You can send the logs to a Linux or Windows host where you have Wazuh Agent Installed. Using Rsyslog, you can collect the logs and save them into a file that will be monitored by the Wazuh Agent.

  This option will give you some advantages, like the communication between Wazuh Cloud Manager and the agent being already encrypted; you will have an agent buffer in case you lose communication with Wazuh Manager. Another aspect to consider is that you will have the raw logs on your Wazuh Agent host to analyze if you need to create rules and decoders. More information can be found in

Please let us know if you have any questions, doubts or problems.

[Peter Wong]

Hi all, I can send logs from Wazuh agent OPNSense plugin to Wazuh Manager on my LAN PC. I install wazuh agent in my Window machine also. 

My Question is regarding the wazuh dashboard, What kind of tune need to have a fully functional Wazuh dashboard?

[Diego Guerrero]

Hi Peter

To see all your configured endpoints, you can go to the three lines menu, Agents management, summary

Then you can click over any of them and you'll see a dashboard like the following: