Implement a Host-Based Intrusion Detection System

Gain hands-on experience configuring Wazuh as a host-based intrusion detection system. You will install and configure a Wazuh server, Filebeat, and Kibana for Wazuh. You will also configure clients to be monitored by Wazuh and view configured clients and security events.

Time
30 minutes
Difficulty
Beginner
Share
NEED TO TRAIN YOUR TEAM? LEARN MORE
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Overview

Note: Once you begin the Challenge Lab, you will not be able to pause, save, or exit and then return to your Challenge Lab. Please ensure that you have set aside enough time to complete the Challenge Lab before you start.

Understand the Scenario

You are a network and security administrator. You need to configure Wazuh as a host-based intrusion detection system. First, you will install and configure a Wazuh server, and then you will install and configure Filebeat for Wazuh. Next, you will install Kibana for Wazuh, and then you will configure clients to be monitored by Wazuh. Finally, you will view the configured clients and security events in Wazuh.

Understand your environment

You will be using a Ubuntu virtual machine named Ubuntu 20.4 as a Wazuh server, a Kali Linux virtual machine named Kali Linux 2021 as a Wazuh client, and two Windows 10 virtual machines named WIN 10-CL-1 and WIN 10-CL-2 as Wazuh clients.

Learning Partner
Skillable

Ready-built content across a variety of topics and technologies