Implement a Host-Based Intrusion Detection System
Gain hands-on experience configuring Wazuh as a host-based intrusion detection system. You will install and configure a Wazuh server, Filebeat, and Kibana for Wazuh. You will also configure clients to be monitored by Wazuh and view configured clients and security events.
Already have an account? Sign In »
Note: Once you begin the Challenge Lab, you will not be able to pause, save, or exit and then return to your Challenge Lab. Please ensure that you have set aside enough time to complete the Challenge Lab before you start.
Understand the Scenario
You are a network and security administrator. You need to configure Wazuh as a host-based intrusion detection system. First, you will install and configure a Wazuh server, and then you will install and configure Filebeat for Wazuh. Next, you will install Kibana for Wazuh, and then you will configure clients to be monitored by Wazuh. Finally, you will view the configured clients and security events in Wazuh.
Understand your environment
You will be using a Ubuntu virtual machine named Ubuntu 20.4 as a Wazuh server, a Kali Linux virtual machine named Kali Linux 2021 as a Wazuh client, and two Windows 10 virtual machines named WIN 10-CL-1 and WIN 10-CL-2 as Wazuh clients.