Overview: In this blog, I am going to show you how to setup wazuh on linode cloud to monitor the systems like a SIEM. 

wazuh : It is an open-source SIEM platform, where we can setup agents and monitor their activities in a centrailised location. 

Linode: It is cloud service provider like mircrosoft azure and amazon web services, wazuh can also be installed on any cloud environment. I choose linode because it is very easy in linode cloud.

 

Follow the steps below:

STEP 1:

Create a free account in Linode account, you can use the free $100 credit, if you are a new user. Disclaimer: Please check the offer is available when you are registering for the linode cloud.

Complete all the four steps shown below to complete account creation.

 

 

This is how portal looks like after you log in the Linode.

 

STEP 2:

Click on the create option to create, and then select Linode from the drop down.

 

Then go to marketplace, and search for Wazuh and select it.

 

 

STEP 3 :

Now the actual creation of wazuh starts from here. 

  • Give your email address
  • Give some username and password which you can remember later.

 

 

Then scroll down to Select an Image option.

  • By default, it should be Ubuntu. 
  • Region, Select the region which is near to you.

 

 

Select the Shared CPU.

  • Select minimum 4 GB of RAM for better experience.

 

 Select the Linode Label, 

  • Just give some random name 
  • Followed by root password, give some random password that you can remember.
Done, Ignore rest all the fields until unless you are concerned.
  

 

STEP 4:

Create linode. It's Done.

 

 

STEP 5:

WAIT!!

It will take more than 10 minutes to configure the wazuh.  To configure it completely, it will take nearly 20 minutes.

 



STEP 6:

After 10-15 minutes,

Now access the through SSH from Command prompt or Terminal. Check the SSH Access credentials and copy them.

  • Paste the SSH Access ( ssh root@172.233.174.159 ) in my case and then press enter.
  • Then type YES and press enter.
  • It will ask for password, enter the password you gave while creating the machine.
     

 

 

Now you should be accessing the terminal of the wazuh through SSH.

  • type the command ls -la , to list the files in the directory.
  • Use the cat command to display the contents of the file. 
  • type " cat .deployment-secrets.txt " 
  • Now find the username and password of wazuh dashboard.

 

STEP 7:

After 15-20 minutes,

  • Go to Network Tab in Linode.
  • In the bottom, you should find reverse DNS address.
  • Copy it and paste it in the new tab in browser.

 
It should look like this.
  • Enter the credentials you found in the file ".deployment-secrets.txt" in STEP 6.
     
 
 
 
WAZUH is ready. 
 
 
 
Bye
See you in the next Blog....