Overview
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response, and regulatory compliance.
The solution includes the Wazuh server, which is in charge of analyzing the data received from the agents, processing events through decoders and rules, and using threat intelligence to look for well-known IOCs (Indicators Of Compromise). A single Wazuh server can analyze data from hundreds or thousands of agents. Alerts generated by Wazuh are sent to Wazuh indexer, where they are indexed and stored. The unique integration between Wazuh and Wazuh dashboard provides a powerful user interface for data visualization and analysis. The server is also used to manage the agents, configuring and upgrading them remotely when necessary. Additionally, the server is capable of sending orders to the agents, for example, to trigger a response when a threat is detected.
Wazuh provides a security solution capable of monitoring your infrastructure, detecting threats, intrusion attempts, system anomalies, poorly configured applications, and unauthorized user actions. It also provides a framework for incident response and compliance, all in one platform.
Highlights
- Open Source Security Platform
- Host Based Intrusion Detection Solution
- Endpoint Detection and Response
Details
Typical total price
$0.154/hour
Pricing
- ...
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
t2.xlarge | $0.00 | $0.186 | $0.186 |
t2.2xlarge | $0.00 | $0.371 | $0.371 |
t3.xlarge | $0.00 | $0.166 | $0.166 |
t3.2xlarge | $0.00 | $0.333 | $0.333 |
t3a.xlarge | $0.00 | $0.15 | $0.15 |
t3a.2xlarge | $0.00 | $0.301 | $0.301 |
m3.xlarge | $0.00 | $0.266 | $0.266 |
m3.2xlarge | $0.00 | $0.532 | $0.532 |
m4.xlarge | $0.00 | $0.20 | $0.20 |
m4.2xlarge | $0.00 | $0.40 | $0.40 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp3) volumes | $0.08/per GB/month of provisioned storage |
Vendor refund policy
We do not currently support refunds.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
See the instructions below
Hardware requirements: https://documentation.wazuh.com/current/quickstart.html#hardware
The instance needs to have the following protocols and ports configured for its correct operation. These requirements are provided in a default Security Group: https://documentation.wazuh.com/current/getting-started/architecture.html#required-ports
To access the instance by ssh, you will need to use the user: wazuh-user
The passwords of Wazuh indexer users will be updated with the instance_id at the first boot of the instance launched with the AMI. Keep in mind that access to the interface and through ssh is restricted until the process is complete. This process should not take more than 5 minutes using an instance type c5a.xlarge.
It is highly recommended to change the default passwords of Wazuh indexer users. To perform this action, see our Securing Wazuh section: https://documentation.wazuh.com/current/user-manual/securing-wazuh/wazuh-indexer.html
To access the Wazuh dashboard UI, navigate to the address https://<instance_ip> and log in with:
- Username: admin
- Password: <your_instance_id>
Resources
Vendor resources
Support
Vendor support
Wazuh has one of the largest open source security communities in the world. You can become part of it to learn from other users, participate in discussions, talk to our development team, and contribute to the project.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
Very good
I used this for internal testing, and it worked as expected. Make sure to change default passwords for production env.
Credentials Issues
not able to login with instance id as a password....Also Certbot is not included.
Not able to install certbot as given instaructions
Access UI issue
Can't access to the UI with the credencials u provide after installing the "Wazuh All-In-One Deployment". The instruction guide is not updated i guess