Cyber Security: Wazuh Install Docker

From OnnoWiki
Revision as of 10:48, 22 September 2025 by Onnowpurbo (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Oke 👍 saya jelaskan langkah-langkah **instalasi Wazuh dengan Docker di Ubuntu 24.04**. Cara ini lebih simpel karena pakai *docker-compose* resmi dari Wazuh.

---

    1. 1. Persiapan Server

Pastikan Ubuntu sudah update dan punya akses root/sudo:

```bash sudo apt update && sudo apt upgrade -y ```

Install paket dasar:

```bash sudo apt install -y curl apt-transport-https ca-certificates gnupg lsb-release ```

---

    1. 2. Install Docker & Docker Compose

Install Docker CE:

```bash curl -fsSL https://get.docker.com | sh ```

Tambahkan user ke grup docker (opsional biar tidak perlu sudo):

```bash sudo usermod -aG docker $USER ```

→ logout / login lagi agar aktif.

Cek versi:

```bash docker --version docker compose version ```

---

    1. 3. Ambil Repository Wazuh Docker

Clone repo resmi Wazuh:

```bash git clone https://github.com/wazuh/wazuh-docker.git -b v4.8.0 ```

  • (ganti `v4.8.0` dengan versi terbaru jika ada update)*

Masuk ke folder:

```bash cd wazuh-docker/single-node ```

---

    1. 4. Jalankan Wazuh

Jalankan stack Wazuh:

```bash docker compose up -d ```

Cek status container:

```bash docker ps ```

Container yang harusnya jalan:

  • `wazuh.manager` → core engine
  • `wazuh.dashboard` → UI web
  • `wazuh.indexer` → database/search

---

    1. 5. Akses Dashboard

Setelah semua jalan, buka browser ke:

``` https://<IP_SERVER>:443 ```

Default login (bisa dicek di `config/wazuh_dashboard_pass`):

  • User: `admin`
  • Password: auto-generate → lihat pakai:
 ```bash
 docker exec -it wazuh.dashboard cat /usr/share/wazuh-dashboard/data/wazuh/config/wazuh-passwords.txt
 ```

---

    1. 6. Install Agent (contoh Linux)

Di endpoint yang ingin dipantau:

```bash curl -sO https://packages.wazuh.com/4.8/wazuh-agent-4.8.0.deb sudo WAZUH_MANAGER="<IP_SERVER>" dpkg -i ./wazuh-agent-4.8.0.deb sudo systemctl enable wazuh-agent sudo systemctl start wazuh-agent ```

---

✅ Selesai! Sekarang log dari agent akan muncul di dashboard Wazuh.

---

Mau saya bikinkan juga **docker-compose.yml minimal** (single-node) biar tidak perlu clone repo resmi, cukup copy-paste file saja?

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Cyber_Security:_Wazuh_Install_Docker&oldid=72829"