Distributed Architecture Installation Steps

[Rukender attri]

Hello Members,

Is there any installation guide for the Wazuh distributed architecture installation. 

I'm looking for doc or web link which can help me set up the environment. 

Also, what can I do for HA(High Availability). 

Thanks

Rukender

[Juan Pablo Saez]

Hi Rukender!

When we talk about using distributed architecture in Wazuh, we can approach it from two perspectives:

• Wazuh-manager cluster:
  
• When we need to monitor a large number of agents, a single manager node may not be enough. Therefore there is the possibility of creating a cluster with a set of manager nodes.
• You can read more about configuring a manager cluster in our documentation

• ElasticSearch cluster:
• An Elasticsearch cluster is a collection of one or more nodes (servers) that communicate with each other to perform read and write operations on indexes. Small Wazuh deployments (<50 agents), can easily be handled by a single-node cluster. Multi-node clusters are recommended when there is a large number of monitored systems, when a large volume of data is anticipated and/or when high availability is required.
• You can read more about an Elasticsearch cluster configuration in Elastic documentation.

If necessary, the Managers cluster and Elasticsearch cluster can be combined. This combination provides the highest availability environment.

We can recommend you the most appropriate configuration if you explain to us which environment you want to deploy Wazuh and which versions of the manager and elasticsearch you intend to use. Please, let us know what configuration you are interested in.

 

Kind regards,

Juan Pablo Sáez