| Port details |
- wazuh-server Components for analyze the data received from the agents
- 4.11.0 security
 =3      4.9.2Version of this port present on the latest quarterly branch. - Maintainer: acm@FreeBSD.org
- Port Added: 2022-09-25 05:48:10
- Last Update: 2025-03-04 16:06:06
- Commit Hash: 1e06b54
- People watching this port, also watch:: prestashop, courier-authlib-userdb, rubygem-fluent-plugin-file-alternative, nagios-check_hdd_health, pure-ftpd
- License: GPLv2
- WWW:
- https://wazuh.com/
- Description:
- Wazuh is a free and open source platform used for threat prevention, detection,
and response. It is capable of protecting workloads across on-premises,
virtualized, containerized, and cloud-based environments.
Wazuh solution consists of an endpoint security agent, deployed to the
monitored systems, and a management server, which collects and analyzes data
gathered by the agents. Besides, Wazuh has been fully integrated with the
Elastic Stack, providing a search engine and data visualization tool that
allows users to navigate through their security alerts.
  ¦  ¦  ¦  ¦ 
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- wazuh-server>0:security/wazuh-server
- To install the port:
- cd /usr/ports/security/wazuh-server/ && make install clean
- To add the package, run one of these commands:
- pkg install security/wazuh-server
- pkg install wazuh-server
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: wazuh-server
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1740982474
SHA256 (wazuh-4.11.0/filebeat.yml) = bbcf6fe806a32b505b0848386d71684868be85965bfb91b117dff15c9de7c247
SIZE (wazuh-4.11.0/filebeat.yml) = 1120
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Runtime dependencies:
-
- filebeat : sysutils/beats7
- logstash : sysutils/logstash8
- wazuh-control : security/wazuh-manager
- There are no ports dependent upon this port
Configuration Options:- ===> The following configuration options are available for wazuh-server-4.11.0:
FILEBEAT=on: Install filebeat component
LOGSTASH=on: Install logstash component
WAZUH-MANAGER=on: Install wazuh manager component
===> Use 'make config' to modify these settings
- Options name:
- security_wazuh-server
- USES:
- dos2unix
- pkg-message:
- For install:
- Wazuh server components were installed
1) Wazuh server componenets are based on Wazuh manager and Filebeat projects.
This guide help you to adapt wazuh configuration for it works on FreeBSD
using apps are part of ports tree. We are using an alternative way to
configure wazuh server components on FreeBSD. It is necessary configure
logstash between filebeat and opensearch because FreeBSD does not include
versions lesser or equal to 7.16.x of Filebeat into ports tree.
2) Do not forget take a look to wazuh-manager post install message to configure
the wazuh-server component.
# pkg info -D -x wazuh-manager | less
3) Copy /usr/local/etc/wazuh-server/filebeat.yml to /usr/local/etc/beats/
directory
4) Copy /usr/local/etc/wazuh-server/logstash.yml and /usr/local/etc/wazuh-server/wazuh-template.json
files to /usr/local/etc/logstash/ directory
5) You can use my own version of wazuh certificates generator for generate
root, admin, indexer, server and dashboard certificates used by wazuh
components.
https://people.freebsd.org/~acm/ports/wazuh/wazuh-gen-certs.tar.gz
6) Edit filebeat.yml and logstash.yml files and changes options accord to your
setup. For example host, ssl, filter, etc. Sample files can give you a good
guide about that.
7) Install logstash-output-opensearch plugin
# cd /usr/local/logstash/bin
# sh -c "JAVA_HOME=/usr/local/openjdk11 ./logstash-plugin install logstash-output-opensearch"
8) Check if logstash-output-opensearch plugin was installed
# sh -c "JAVA_HOME=/usr/local/openjdk11 ./logstash-plugin list | grep logstash-output-opensearch"
9) Add Filebeat and Logstash to /etc/rc.conf
# sysrc filebeat_enable="YES"
# sysrc logstash_enable="YES"
10) Start Filebeat and Logstash services
# service filebeat start
# service logstash start
11) You can look more useful information at the following link:
https://documentation.wazuh.com/current/installation-guide/wazuh-server/step-by-step.html
Take on mind wazuh arquitecture on FreeBSD is configurated not similar like
you can read at wazuh guide. Some times you could decided configure logstash
on another host. If it is your case you must adapt some points in this guide.
12) Enjoy it
- Master Sites:
- There is no master site for this port.
|
| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
4.11.0
04 Mar 2025 16:06:06
 |
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.11.0
- Update py-pyarrow whl to 19.0.1
ChangeLog at:
https://documentation.wazuh.com/current/release-notes/release-4-11-0.html
Sponsored by: Entersekt |
4.10.1
19 Jan 2025 09:38:59
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.10.1
- Update bundle python to 3.11.11
- Update opensearch dependency to 2.16.x
- Update opensearch-dashboards dependency to 2.16.x
ChangeLog
at: https://documentation.wazuh.com/current/release-notes/release-4-10-1.html |
4.9.2
03 Dec 2024 01:49:45
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.9.2
- wazuh-manager: Remove support for freebsd13-aarch64
- wazuh-manager: Cache files were generated from python3.11 instead of
python3.10
- wazuh-manager: Remove obsolete patch files
- wazuh-dashboards : Use opensearch-dashboards230 instead of
opensearch-dashboards210
ChangeLog at: https://github.com/wazuh/wazuh/releases
https://github.com/wazuh/wazuh-dashboard-plugins/releases
PR: 282160
Reported by: Ian Dickens <ian at south-border.com> |
4.7.5
15 Jun 2024 17:38:13
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.7.5
- Fix build/installation on aarch64
- Fix runtime issues on 14.x and 15.x because of openssl3 support [1]
PR: 279363
Reported by: girgen [1] |
4.7.4
11 May 2024 01:51:29
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.7.4
- Fix wazuh-agent segment fault (agent and manager) [1]
- Improve configuration files (agent and manager)
- Update py-pyarrow into cache file to 15.0.2 (manager)
- Update cache files used by wazuh-manager.
- Other minor modifications
ChangeLog
at: https://documentation.wazuh.com/current/release-notes/release-4-7-4.html
Obtained from: https://github.com/wazuh/wazuh/issues/23154 [1] |
4.7.3
23 Mar 2024 22:22:45
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.7.3
ChangeLog
at: https://documentation.wazuh.com/current/release-notes/release-4-7-3.html |
4.7.2
16 Jan 2024 04:57:46
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.7.2
- Install FreeBSD rules, decoders and SCA files by default
- Strip python binary and so files
- Add devel/libffi and databases/arrow to LIB_DEPENDS
- Update pkg-message files
- Othe minor modifications
ChangeLog
at: https://documentation.wazuh.com/current/release-notes/release-4-7-2.html |
4.7.1_1
27 Dec 2023 00:26:54
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-server: Bump PORTREVISION. wazuh-manager was updated |
4.7.1
22 Dec 2023 17:57:24
|
Jose Alonso Cardenas Marquez (acm) |
securty/wazuh-*: Update to 4.7.1
- Remove support for 12.x (EoL)
- Change some config files to sample files
- Fix syscollector issue when network port is equal to *
ChangeLog
at: https://documentation.wazuh.com/current/release-notes/release-4-7-1.html |
4.7.0
16 Dec 2023 21:36:43
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh: Update to 4.7.0
- Fix ssl=openssl build [1]
- Fix permissions of backup/db directory. Now backup are generated without
problems
- Add support for get ports info
- Add support for get processes info
- Add a better way for get memory info
- Add new decoders and rules files (https://github.com/alonsobsd/wazuh-freebsd)
- Update FreeBSD sca files (https://github.com/alonsobsd/wazuh-freebsd)
- Minor changes to SysInfo::getPackages function
- Another minor modifications
PR: 275008
Reported by: franco _at_ opnsense.org [1] |
4.6.0
03 Nov 2023 18:47:31
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.6.0
- security/wazuh-manager: Deactivate CIS files. The are renamed to
yml.deprecated
- security/wazuh-agent: Don't install all CIS files
- Turn security.keys a sample file. It helps to avoid remove client.keys on
update
- Update pkg-message.in files
- Another minor modifications |
4.5.4
23 Oct 2023 23:02:07
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.5.4
ChangeLog
at: https://documentation.wazuh.com/current/release-notes/release-4-5-4.html |
4.5.3
19 Oct 2023 22:21:22
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.5.3
- security/wazuh-agent: Enable INOTIFY option by default. It enables Kevent
based real time monitoring. See some examples like use it at:
https://wazuh.com/blog/detecting-common-linux-persistence-techniques-with-wazuh/
- security/wazuh-manager: Add entries to pkg-message.in about FreeBSD SCA files
and FreeBSD decoders and rules files. I'll maintain update versions of these
files at https://github.com/alonsobsd/wazuh-freebsd
- security/wazuh-dashboard: Update project url to new one
- Othe minor modifications |
4.5.2
03 Oct 2023 05:27:34
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: update to 4.5.2
- wazuh-indexer and wazuh-dashboards now use 2.10.0 version of opensearch and
opensearch-dashboard
ChangeLog
at: https://documentation.wazuh.com/current/release-notes/release-4-5-2.html |
4.5.0
18 Aug 2023 05:25:50
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.5.0
- wazuh-indexer and wazuh-dashboards now use 2.9.0 version of opensearch and
opensearch-dashboard
- Revert beats dependency to beats7 (filebeat) at security/wazuh-server. beats8
has some issues with filebeat (Take a look at PR/272701) |
4.4.4
21 Jun 2023 19:19:06
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.4.4
- Add python path files from lang/python39/files
- wazuh-indexer and wazuh-dashboards now use 2.8.0 version of opensearch and
opensearch-dashboard
- Update beats dependency to beats8 (filebeat) at security/wazuh-server |
4.4.3
30 May 2023 04:24:56
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.4.3
- Mark IGNORE on FreeBSD 12-aarch64
- Use makepatch to generate patch files
- Fix typo at wazuh-agent and wazuh-manager pkg-message files [1]
- Fix some linking issues when devel/libsysinfo is installed (using ports).
wazuh-manager compile/install a library with the same name like libsysinfo and
it is used by syscollector feature.
- wazuh-dashboard use opensearch-dashboards 2.7.0
- Some other modifications
ChangeLog at: https://github.com/wazuh/wazuh/releases
PR: 271376
Reported by: lambert _ at _ sanesecurityguy.com [1] |
4.4.1
17 Apr 2023 23:51:44
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: update to 4.4.1
ChangeLog at: https://github.com/wazuh/wazuh/releases/tag/v4.4.1 |
4.4.0
31 Mar 2023 03:30:20
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.4.0
- security/wazuh-manager: Add support for aarch64
ChangeLog at: https://github.com/wazuh/wazuh/releases/tag/v4.4.0 |
4.3.10
18 Nov 2022 03:39:27
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: Update to 4.3.10
ChangeLog at: https://github.com/wazuh/wazuh/releases/tag/v4.3.10 |
4.3.9
30 Oct 2022 21:37:32
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-*: update to 4.3.9
ChangeLog at: https://github.com/wazuh/wazuh/releases/tag/v4.3.9 |
4.3.8
25 Sep 2022 05:44:21
|
Jose Alonso Cardenas Marquez (acm) |
security/wazuh-server: New port: Components for analyze the data received from
the agents
Wazuh is a free and open source platform used for threat prevention, detection,
and response. It is capable of protecting workloads across on-premises,
virtualized, containerized, and cloud-based environments.
Wazuh solution consists of an endpoint security agent, deployed to the
monitored systems, and a management server, which collects and analyzes data
gathered by the agents. Besides, Wazuh has been fully integrated with the
Elastic Stack, providing a search engine and data visualization tool that
allows users to navigate through their security alerts. |
As an Amazon Associate I earn from qualifying purchases.