OPNsense Forum
English Forums => Development and Code Review => Topic started by: juliocbc on May 21, 2019, 11:32:05 pm
-
Hi!
I've created this small script to put wazuh-agent to work together with OPNsense. It's working well in one of our environments, till now ;-)
Script:
https://github.com/cloudfence/opnsense-wazuh/blob/master/opnsense-ban.sh
The main idea is to ban an offensor IP address that is often is catch by the wazuh's active response feature.
If you are using OPNsense with Wazuh, I invite you to make some tests and let me know if it will work well for you too!
Installation instructions here: https://github.com/cloudfence/opnsense-wazuh/blob/master/README.md
-
Good addition! First I have to build an official port but the wazuh guys doing some unacceptable things in their install.sh
-
Michael,
Great!!! Just waiting your wazuh port.
About the plugin, what about if we work together in it?
-
Any news for a Wazuh Port?
Would be an amazing plugin for OPNsense I think.
-
How to install?
-
We may be working on a Wazuh plugin for the community. ;)
Cheers,
Franco
-
Thanks a lot for integrating Wazuh agent as an OPNsense plugin at version 23.7.2. I am using Wazuh as SIEM and installed wazuh-agent via CLI, configured Syslog-ng to produce the old standard log format and it works perfectly. Due to this plugin it will be easier to use Wazuh agent on new installed OPNsense firewalls. This saves time. Keep up your good work.
-
How to install Wazuh plugin?
-
You need to be on a later version and search for the plugin. Which version do you have installed?
-
Is any sudgestions for this issue?
https://forum.opnsense.org/index.php?topic=39222.msg192088
On latests version all the same :'(
os-wazuh-agent 1.0_1
OPNsense 24.1.4-amd64
FreeBSD 13.2-RELEASE-p10
OpenSSL 3.0.13
-
See other post