How To Install Wazuh Server
Wazuh is a full SIEM (Security Information Event Management) that works extremely well with the platforms it natively supports as an "Agent", which allows you to do scans of everything such as all processes running, CVE vulnerability check, incident reporting etc...
This is the easiest way:
The unattended install makes things a breeze to configure all of the components automatically including Kibana, Elasticsearc........
On a test machine Iwas never able to access to a newly created 4th partiton. As we can see there are dev devices for everything but the 4th partition.
The normal "partprobe" or "kpartx" or kernel being told to rescan the block device didn't help (only a reboot did).
fdisk -l /dev/sda
Disk /dev/sda: 750.2 GB, 750156374016 bytes
255 heads, 63 sectors/track, 91201 cylinders
W: GPG error: http://archive.debian.org squeeze Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AED4B06F473041FA NO_PUBKEY 64481591B98321F9
No clue how to fix this.........
Still looking for the solution
Working Solution 2017/07
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D46F45428842CE5E
gpg --keyserver hkp://subkeys.pgp.net --recv-keys D46F45428842CE5E
gpg: requesting key 8842CE5E from hkp server subkeys.pgp.net
gpg: keyserver timed out
At first it was configured as a RAID 0, then I deleted the Virtual Disk Group.
I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing.
To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........