Enable Vulnerability Detection in Wazuh | Enable Vulnerability Scanning Wazuh | Wazuh SIEM

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey everyone welcome to the world of Innovations today I am going to guide you how you can enable reability scanning or workability detection in your Wu server for the agents uh let's just log in to our wazu gii GUI sometimes it pop up with the error that Wu API hasn't been updated that's why this eror up but but it's an a ual error not the complicated one currently I haven't enabled or installed vasu agent on any of my host let's just install the wazu agent first on my Windows system the IP address for the server as you can verify from the URL this is the IP address for my wazu server and I am going to name the host name which will be shown in the wazu okay copy this command Now search for the power shell and run it as administrator now just paste the command here and press enter for the installation now what is next command this is the next command I have to run the agent has been installed successfully now let's check that we have agent installed or not okay let's check in the services that the agent Wu agent service has been running or not let's just restart it [Music] again yeah the agent has been installed successfully and we have one a agent in total and one agent in active agents this this is the agent I have currently installed now open this agent and check for the vulnerabilities we don't have any workabilities currently here so let's just move toward towards the configuration and check uh we have successfully enable or not I am going to SSH my wazu server with my admin user and password and enter this configuration file we are going to edit this configuration file I am going to give you the script and this syntax in under my video descript description and we have to add this tag in this configuration and click on control X enter y press enter what is the next step the next step we have to edit the main configuration of our wazu server and we have to find vulnerability detector tag let's see we have the tag available yes it's here change the enable no to yes and interval to 1 minute and press control X electively enter y then enter but now we are going to restart the Wu manager service after this configuration change the Wu manager service take a bit time to get restart every service except wazu dashboard takes time to get restarted let's che check the status it's currently running and now we are going to refresh our wazu GUI to check if any logs received or scanned by the wazu agent and sent to the wazu manager [Music] okay because we have we have restarted the wazu manager it will take time to collaborate and reinitiate all the services and provide us the results in our wui this is how you can reability detection or reability scanning in your wazu server currently I haven't have any vulnerabilities at my agent or the machine that's why we are unable to see any of Lo work maybe it will take some time okay we can check what the configurations we have done I have set the interval for 1 minute e we have to change the time interval here before one minute for our testing purpose let's see the now we can see any of logs for the vulnerability scanner or we can go with with the reboot of our wazu server that it will scan the agent and share some logs for because we have restarted the Wu manager that's why this error occur every time whenever you restart any of the service Wu Wu manager Wu indexer dashboard okay have to Rel log in my session yeah now you can see see the status the last full scan and the last partial scan it's the current time now I I doesn't have any vulnerabilities currently running on my agent that's why I am unable to see any vulnerabilities on the wazu this is how you can enable vulnerability scanning for your host hope you guys understood the scenario very well uh let me remind you a bit what which two steps I have performed for this configuration firstly you have to edit this configuration file and you have to add this tag the time interval you can set according to your your requirement if you enter yes it will disable this vulnerability scanning if you enable no disable no means this configuration is not disabled the next step we have to un uh edit the main config o do configuration file we have to find the tag for vulnerability detector this is the tag you have to make yes here and the time interval and minimum full scan interval according to your requirement then you can be able to see any vulnerabilities uh occur on your host and this is the change which I have sh you accordingly hope you guys understood my video and scenario please like And subscribe my channel and share with your friends colleagues and your students until then stay bless stay tuned thank you for watching goodbye for

Info

Channel: World of Innovations

Views: 475

Rating: undefined out of 5

Keywords: wazuh, wazuh vulnerability scanning, vulnerability scanning, wazuh agent, vulnerability scanner, wazuh cloud, vulnerability assessment, vulnerability scanning with nessus, vulnerability wazuh, wazuh setup, setting up wazuh, wazuh tuorial, installing wazuh, wazuh siem tutorial, vulnerability management, wazuh installation, vulnerability detector, vulnerability detection, installing wazuh agent on windows, wazuh security platform, free vulnerability scanner

Id: BzR-k4crtSQ

Channel Id: undefined

Length: 17min 10sec (1030 seconds)

Published: Sat Jun 01 2024