| Port details on branch 2025Q3 |
- wazuh-manager Security tool to monitor and check logs and intrusions (manager)
- 4.12.0_2 security
 =0      4.12.0_2Version of this port present on the latest quarterly branch. - Maintainer: acm@FreeBSD.org
- Port Added: 2025-07-08 04:27:03
- Last Update: 2025-07-11 15:42:33
- Commit Hash: 346d6b8
- License: GPLv2
- WWW:
- https://wazuh.com/
- Description:
- Wazuh is a free and open source platform used for threat prevention, detection,
and response. It is capable of protecting workloads across on-premises,
virtualized, containerized, and cloud-based environments.
Wazuh solution consists of an endpoint security agent, deployed to the
monitored systems, and a management server, which collects and analyzes data
gathered by the agents. Besides, Wazuh has been fully integrated with the
Elastic Stack, providing a search engine and data visualization tool that
allows users to navigate through their security alerts.
  ¦  ¦  ¦  ¦ 
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- wazuh-manager>0:security/wazuh-manager
- Conflicts:
- CONFLICTS:
- To install the port:
- cd /usr/ports/security/wazuh-manager/ && make install clean
- To add the package, run one of these commands:
- pkg install security/wazuh-manager
- pkg install wazuh-manager
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: wazuh-manager
- Flavors: there is no flavor information for this port.
- ONLY_FOR_ARCHS: aarch64 amd64
- distinfo:
- TIMESTAMP = 1751610836
SHA256 (wazuh-4.12.0/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434
SIZE (wazuh-4.12.0/audit-userspace.tar.gz) = 1682820
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- autoconf>=2.71 : devel/autoconf
- bash>0 : shells/bash
- cmake : devel/cmake-core
- gmake>=4.4.1 : devel/gmake
- python3.11 : lang/python311
- perl5>=5.40.r<5.41 : lang/perl5.40
- Test dependencies:
-
- python3.11 : lang/python311
- Runtime dependencies:
-
- bash>0 : shells/bash
- python3.11 : lang/python311
- perl5>=5.40.r<5.41 : lang/perl5.40
- Library dependencies:
-
- libarrow.so : databases/arrow
- libcurl.so : ftp/curl
- libepoll-shim.so : devel/libepoll-shim
- libffi.so : devel/libffi
- libgdbm.so : databases/gdbm
- libnghttp2.so : www/libnghttp2
- libopenblas.so : math/openblas
- libreadline.so.8 : devel/readline
- libsqlite3.so : databases/sqlite3
- This port is required by:
- for Run
-
- security/wazuh-server
Configuration Options:- ===> The following configuration options are available for wazuh-manager-4.12.0_2:
INOTIFY=off: Kevent based real time monitoring
PRELUDE=off: Sensor support from Prelude SIEM
ZEROMQ=off: ZeroMQ support
====> Options available for the group DATABASE
MYSQL=off: MySQL database support
PGSQL=off: PostgreSQL database support
===> Use 'make config' to modify these settings
- Options name:
- security_wazuh-manager
- USES:
- cpe gmake perl5 python:3.11 readline shebangfix sqlite:3 uidfix
- pkg-message:
- For install:
- Wazuh Manager was installed
1) Copy /etc/locatime to /var/ossec/etc directory
# cp /etc/localtime /var/ossec/etc
2) You must edit /var/ossec/etc/ossec.conf.sample for your setup and rename/copy
it to ossec.conf.
Take a look wazuh manager configuration at the following url:
https://documentation.wazuh.com/current/user-manual/manager/index.html
3) Move /var/ossec/etc/client.keys.sample to /var/ossec/etc/client.keys. This
file is used to store all agents credentials connected to wazuh-manager
# mv /var/ossec/etc/client.keys.sample /var/ossec/etc/client.keys
4) You can find additional useful files installed at
# /var/ossec/packages_files/manager_installation_scripts
5) Do not forget generate auth certificate
# openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 \
-subj "/C=US/ST=California/CN=Wazuh/" \
-keyout /var/ossec/etc/sslmanager.key -out /var/ossec/etc/sslmanager.cert
# chmod 640 /var/ossec/etc/sslmanager.key
# chmod 640 /var/ossec/etc/sslmanager.cert
6) FreeBSD rules, decoders and SCA files are installed by default. For more
information about updates take a look at:
https://github.com/alonsobsd/wazuh-freebsd
Decoders and rules are used for extract some /var/log/userlog and
/var/log/messages entries from FreeBSD agents. It is necessary add a localfile
entry to /var/ossec/etc/ossec.conf
<localfile>
<log_format>syslog</log_format>
<location>/var/log/userlog</location>
</localfile>
7) Add Wazuh manager to /etc/rc.conf
# sysrc wazuh_manager_enable="YES"
or
# service wazuh-manager enable
8) Start Wazuh manager
# service wazuh-manager start
9) Enjoy it ;)
- Master Sites:
|
As an Amazon Associate I earn from qualifying purchases.
