git: 87bd216d39 - main - Status/2023Q2/wazuh.adoc Add report

From: Lorenzo Salvadore <salvadore_at_FreeBSD.org>
Date: Wed, 05 Jul 2023 15:36:36 UTC
The branch main has been updated by salvadore:

URL: https://cgit.FreeBSD.org/doc/commit/?id=87bd216d39b0fb0b48075e04ed233d42ce58965c

commit 87bd216d39b0fb0b48075e04ed233d42ce58965c
Author:     José Alonso Cárdenas Márquez <acm@FreeBSD.org>
AuthorDate: 2023-07-05 15:27:26 +0000
Commit:     Lorenzo Salvadore <salvadore@FreeBSD.org>
CommitDate: 2023-07-05 15:33:31 +0000

    Status/2023Q2/wazuh.adoc Add report
    
    Reviewed by:    status (Pau Amma <pauamma@gundo.com>)
    Approved by:    dbaio (mentor, implicit)
---
 .../en/status/report-2023-04-2023-06/wazuh.adoc    | 40 ++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/website/content/en/status/report-2023-04-2023-06/wazuh.adoc b/website/content/en/status/report-2023-04-2023-06/wazuh.adoc
new file mode 100644
index 0000000000..6d0589b5c6
--- /dev/null
+++ b/website/content/en/status/report-2023-04-2023-06/wazuh.adoc
@@ -0,0 +1,40 @@
+=== Wazuh on FreeBSD
+
+Links: +
+link:https://www.wazuh.com/[Wazuh] URL: link:https://www.wazuh.com/[] +
+
+Contact: José Alonso Cárdenas Márquez <acm@FreeBSD.org>
+
+Wazuh is a free and open source platform used for threat prevention, detection, and response.
+It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments.
+
+The Wazuh solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents.
+Besides, Wazuh has been fully integrated with the Elastic Stack or OpenSearch Stack, providing a search engine and data visualization tool that allows users to navigate through their security alerts.
+
+Wazuh porting to FreeBSD was started by mailto:m.muenz@gmail.com[Michael Muenz].
+The first Wazuh port he added to the FreeBSD ports tree was package:security/wazuh-agent[] in September 2021.
+In July 2022, I took maintainership of this port and I started porting other Wazuh components.
+
+Currently, all Wazuh components are part of the FreeBSD ports tree. It includes package:security/wazuh-manager[], package:security/wazuh-agent[],
+package:security/wazuh-server[], package:security/wazuh-indexer[] and package:security/wazuh-dashboard[] ports.
+
+On FreeBSD, package:security/wazuh-manager[] and package:security/wazuh-agent[] are compiled from Wazuh source code.
+package:security/wazuh-indexer[] is an adapted package:textproc/opensearch[] used for storing agents data.
+package:security/wazuh-server[] is a port for installing the package:security/wazuh-manager[], package:sysutils/beats8[] (filebeat), and package:sysutils/logstash8[] components.
+It includes adapted configuration files to work on FreeBSD.
+package:security/wazuh-dashboard[] uses an adapted package:textproc/opensearch-dashboards[] and the wazuh-kibana-app plugin generated from wazuh-kibana-app source code for FreeBSD.
+
+The main goal of this work is enhancing visibility of FreeBSD as a useful platform for information security or cybersecurity.
+
+Additionally, you can test a Wazuh single-node infrastructure (All-in-one) easily using link:https://github.com/alonsobsd/wazuh-makejail[] or link:https://github.com/AppJail-makejails/wazuh[] from link:https://github.com/DtxdF/AppJail[AppJail].
+AppJail is a good tool for managing jail containers from the command line.
+
+People interested in helping with the project are welcome.
+
+Current version: 4.4.4
+
+TODO
+
+* Add Wazuh cluster-mode infrastructure makejail (Work in progress)
+* Add FreeBSD to platforms officially supported by Wazuh Inc; see link:https://github.com/wazuh/wazuh-kibana-app/pull/5413[]
+* Add FreeBSD SCA Policy (Work in progress)
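Review bot: The paragraph beginning "Currently, all Wazuh components are part of the FreeBSD ports tree." puts two sentences on one line and then wraps the second one in the middle of the port list, while the rest of the file keeps one sentence per line. "It includes" also has no singular antecedent. I suggest moving the second sentence to a single line of its own and rewording its opening, for example "These are the package:security/wazuh-manager[], ... and package:security/wazuh-dashboard[] ports." A smaller point further down: "Current version: 4.4.4" does not say which of the five ports listed above it applies to, so naming them (or saying it applies to all of them) would make the line unambiguous for readers.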