Security Management System

Security Information Event Management (SIEM) Environment

Project URL: https://youtu.be/Net7HO_zzQI

Table of Contents

  1. Introduction
  2. Prerequisites
  3. Creating Your Linode
  4. Check Creation Progress
  5. Find Your Wazuh Account Password
  6. Access the Reverse DNS
  7. Input Your Account Credentials
  8. Check the Video!
  9. Conclusion
 

1. Introduction

Wazuh is an open-source Security Information and Event Management (SIEM) tool that helps cybersecurity analysts monitor and secure their systems and applications. It provides intrusion detection, vulnerability detection, and many other security features to protect businesses’ infrastructures.

Linode Marketplace

This project is carried out through Linode Marketplace, a platform where you can discover and deploy various applications and services on your Linode instances. It simplifies the process of installing and configuring software on your Linode server. Alternatively, since Wazuh is an open-source security platform, you could go directly to Wazuh.com and install it from there.

2. Prerequisites

Linode Account

  • Head over to Linode.com and create an account. As a second option, if you do not already have an account with them, you can sign up by linking your GitHub, email, or Google account.

3. Creating Your Linode

Create

  • Upon entering Linode, you will be presented with the dashboard. In the top-left corner, you will see the “Create” option. Click it and choose Linode (High Performance SSD Linux Servers).
  • Under Linodes/Create, you will see a list of options (Distributions, Marketplace, StackScripts, Images, Backups, Clone Linode). Click on Marketplace.

SIEM Wazuh Software

  • In the search bar, look for our SIEM tool, which in this case is Wazuh.

Wazuh Setup:

Email address:

  • Input your desired email address for the SSL certificate.

Limited sudo user account name

  • Input your desired sudo username.

Password for the limited sudo user account

  • Put in your password.

Select an Image

  • Select Ubuntu 22.04 LTS

Region

  • Select a region close to you for better connectivity.

Linode Plan

  • Usually the Nanode 1 GB package ($5 a month) is selected, but for a tool like Wazuh it is recommended to use the 4 GB option.

Linode Label / Root Password

  • Name your Linode label and set your root password.

Create Linode!

4. Check Creation Progress

  • You can check the progress of your Linode by connecting to it with the SSH command.

Access

  • On the right side of the dashboard, you will see the “Access” section, which gives you the SSH command. Copy it, open your computer’s “Command Prompt” (CMD), and paste in the SSH command.

Fingerprint Access / Password

  • Type “Yes” at the fingerprint prompt to accept the connection, then enter your password.

htop Command

  • Type in “htop” to get a visual representation of the progress.

5. Find Your Wazuh Account Password

  • In the command line type in “ls -al” to see all the hidden files.
  • Open the .deployment-secrets.txt file by typing “cat .deployment-secrets.txt”.
  • You will see your password under “admin”, after indexer_password. Copy it and access your DNS.
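
The lookup in this step as a small shell helper, added here as an example and not part of the original guide or of Linode's or Wazuh's own tooling. It assumes the file holds indexer_username / indexer_password pairs with single-quoted values (an assumed layout); the function names and the sample file are constructed for illustration.

```bash
# Assumed layout of ~/.deployment-secrets.txt (not confirmed by the guide):
# repeated pairs of   indexer_username: '<user>'   then   indexer_password: '<password>'

# Print the indexer_password that follows the requested indexer_username.
wazuh_password_for() {
    awk -v want="$1" -v q="'" '
        function value(line) {              # text after the first ":", quotes stripped
            sub(/^[^:]*:[ \t]*/, "", line)
            gsub("^" q "|" q "[ \t\r]*$", "", line)
            return line
        }
        /^[ \t]*indexer_username:/ { user = value($0); next }
        /^[ \t]*indexer_password:/ && user == want { print value($0); found = 1; exit }
        END { exit (found ? 0 : 1) }
    ' "$2"
}

# Succeed only if the file grants no permissions to group or others.
secrets_is_private() {
    mode=$(ls -ld -- "$1" 2>/dev/null | cut -c5-10)
    [ "$mode" = "------" ]
}

# Constructed sample (not real credentials) so the functions can be tried offline.
demo() {
    sample=$(mktemp) || return 1
    cat > "$sample" <<'EOF'
# Admin user for the web user interface
  indexer_username: 'admin'
  indexer_password: 'Adm1n:Constructed*Pass'
  indexer_username: 'kibanaserver'
  indexer_password: 'Other.Constructed+Pass'
EOF
    chmod 600 "$sample"
    secrets_is_private "$sample" && echo "file is private to its owner"
    wazuh_password_for admin "$sample"
    rm -f "$sample"
}
demo
```

On the Linode itself, the equivalent call would be wazuh_password_for admin ~/.deployment-secrets.txt, which prints only the admin entry instead of every credential in the file.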

6. Access the Reverse DNS

  • Click on the “Network” section of your Linode dashboard, go to the “IP Addresses” tab, and copy your reverse DNS.
  • Open a new browser tab and input your reverse DNS.

7. Input Your Account Credentials

  • The username should be “Admin”. For the password, paste the one you copied from your terminal.

8. Check the Video!

9. Conclusion

You have successfully deployed Wazuh on Linode through Linode's Marketplace. You can now monitor, secure, and manage your agents more effectively using Wazuh's powerful security features. The amount of learning that can be done with Wazuh is incredible. From vulnerabilities and compliance requirements to alerts, it is definitely one of the best open-source learning tools that you can use.