Hi I have installed Wazuh on my local docker environment as mention below https://documentation.wazuh.com/current/deployment-options/docker/docker-installation.html But now i need to change the local host IP address from 127.0.0.1 that access the Wazuh manager. any idea how to do it? Please help
我试图亲眼看上下手,但似乎无法找到。
虽然StackOverflow请你回答不要要求澄清,但我必须请你澄清你想要具体做些什么,因为你提出的问题在你要求它的情况下是含糊不清的,因为我会作如下解释,否则我将试图回答我就你的案件提出的这三个问题。
About the value specified in the ossec.conf file, this is specifically related to Active Response:
This specifies an IPv4 address, netblock, or hostname for which Active Responses will not be triggered. Only one of those values may be specified for each <while_list> tag, but several values may be used by including multiple <white_list> tags. This configuration is compared against the extracted srcip field in the alert.
<global>
<white_list>127.0.0.1</white_list>
<white_list>^localhost.localdomain$</white_list>
</global>
请注意,集装箱之间的通信是通过Docker内部创建的内部网络进行的,集装箱之间的连接是通过提及服务名称进行的,例如,在单一标准码头进行。 船上有3处:wazuh.manager,,
例如,在Wazuh dash板集装箱中,在/usr/comm/wazuh-dash板/data/wazuh/config/wazuh.yml文档中,请参阅url:“https://wazuh.manager”。
About the ports, a deployment performed on my local machine looks like this, is in this output where you are seeing 127.0.0.1?
╰─➤ sudo netstat -tuplen | grep -E "1514|1515|55000|514|9200|443"
tcp 0 0 0.0.0.0:1515 0.0.0.0:* LISTEN 0 205714 20725/docker-proxy
tcp 0 0 0.0.0.0:1514 0.0.0.0:* LISTEN 0 221209 20743/docker-proxy
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 224335 21284/docker-proxy
tcp 0 0 0.0.0.0:9200 0.0.0.0:* LISTEN 0 215526 20660/docker-proxy
tcp 0 0 0.0.0.0:55000 0.0.0.0:* LISTEN 0 210906 20706/docker-proxy
tcp6 0 0 :::1515 :::* LISTEN 0 211841 20731/docker-proxy
tcp6 0 0 :::1514 :::* LISTEN 0 211846 20749/docker-proxy
tcp6 0 0 :::443 :::* LISTEN 0 225318 21296/docker-proxy
tcp6 0 0 :::9200 :::* LISTEN 0 210859 20668/docker-proxy
tcp6 0 0 :::55000 :::* LISTEN 0 215547 20713/docker-proxy
udp 0 0 0.0.0.0:514 0.0.0.0:* 0 221229 20761/docker-proxy
udp6 0 0 :::514 :::* 0 211851 20768/docker-proxy
关于主编,注意到集装箱中不存在持久性,因为集装箱不是多克集装箱的理论,任何变化都应当由外部持久性来进行,无论如何,你都可以使用grep -R”“价值”的指令进行再搜查。
蒸zu的部署需要多少时间?
[2024-03-14T06:28:03,694][INFO ][o.e.c.m.MetadataDeleteIndexService] [ra-node-1] [employee/mfZeszL8T9GW2bHC9C5Yyg] deleting index [2024-03-14T06:30:39,430][INFO ][o.e.c.m.MetadataCreateIndexService] [...
同前,我已把Wazuh安装在我的当地码头环境中,见以下网址:https://documentation.wazuh.com/tant/dplo-options/docker/docker-installation.html。
for setup wazuh, im already follow the documentation from here wazuh clamav im also update the config as follows LogSyslog true OnAccessExcludeRootUID yes for testing, im adding new user user and set ...