Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/rsol9000-01/wazuh/llms.txt

Use this file to discover all available pages before exploring further.

The Wazuh Docker Stack is a production-ready Docker Compose deployment of Wazuh 4.14.5 for the Simovilab environment. It bundles all four Wazuh components — Indexer, Manager, Dashboard, and Agent — with automated TLS certificate generation, pre-configured security policies, and a development helper script to manage the full lifecycle.

Quickstart

Deploy the full Wazuh stack in minutes with a step-by-step guide.

Architecture

Understand the components, ports, and data flow of the stack.

Server Deployment

Deploy the Wazuh Indexer, Manager, and Dashboard services.

Agent Deployment

Connect a Wazuh agent — containerized or native — to the Manager.

What’s Included

The stack is composed of four services, all running on Wazuh 4.14.5 images:
ComponentImageRole
Wazuh Indexerwazuh/wazuh-indexer:4.14.5OpenSearch-based data store for alerts and events
Wazuh Managerwazuh/wazuh-manager:4.14.5Core analysis engine, ruleset engine, and REST API
Wazuh Dashboardwazuh/wazuh-dashboard:4.14.5Web UI served over HTTPS on port 6443
Wazuh Agentwazuh/wazuh-agent:4.14.5Host monitoring agent with Docker listener enabled

Key Capabilities

TLS Everywhere

Auto-generated self-signed certificates for all inter-service communication using wazuh-certs-generator.

Docker Monitoring

Built-in docker-listener wodle captures container lifecycle events from the host socket.

File Integrity Monitoring

Real-time FIM on critical directories (/etc, /bin, /sbin) with change alerts.

Vulnerability Detection

Automated vulnerability feed updates every 60 minutes with indexed results.

Security Configuration Assessment

CIS Ubuntu 22.04 benchmark scanning via SCA with configurable policy interval.

Active Response

Automated responses including firewall-drop, host-deny, and disable-account.

Get Started

1

Clone the repository and configure your environment

Copy .env.example to .env and set your credentials and network settings.
2

Generate TLS certificates

Run the certificate generator compose file to produce all required PEM files.
3

Deploy the stack

Use docker compose up -d or the wazuh-dev.sh script to bring up all services.
4

Access the Dashboard

Open https://<your-host>:6443 in your browser and log in with your configured credentials.
The scripts/wazuh-dev.sh helper script validates prerequisites, sets vm.max_map_count, hashes passwords, generates certificates, and starts the stack — all in one command. See the Quickstart for the full walkthrough.

Build docs developers (and LLMs) love