The Wazuh Docker Stack is a production-ready Docker Compose deployment of Wazuh 4.14.5 for the Simovilab environment. It bundles all four Wazuh components — Indexer, Manager, Dashboard, and Agent — with automated TLS certificate generation, pre-configured security policies, and a development helper script to manage the full lifecycle.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/rsol9000-01/wazuh/llms.txt
Use this file to discover all available pages before exploring further.
Quickstart
Deploy the full Wazuh stack in minutes with a step-by-step guide.
Architecture
Understand the components, ports, and data flow of the stack.
Server Deployment
Deploy the Wazuh Indexer, Manager, and Dashboard services.
Agent Deployment
Connect a Wazuh agent — containerized or native — to the Manager.
What’s Included
The stack is composed of four services, all running on Wazuh 4.14.5 images:| Component | Image | Role |
|---|---|---|
| Wazuh Indexer | wazuh/wazuh-indexer:4.14.5 | OpenSearch-based data store for alerts and events |
| Wazuh Manager | wazuh/wazuh-manager:4.14.5 | Core analysis engine, ruleset engine, and REST API |
| Wazuh Dashboard | wazuh/wazuh-dashboard:4.14.5 | Web UI served over HTTPS on port 6443 |
| Wazuh Agent | wazuh/wazuh-agent:4.14.5 | Host monitoring agent with Docker listener enabled |
Key Capabilities
TLS Everywhere
Auto-generated self-signed certificates for all inter-service communication using
wazuh-certs-generator.Docker Monitoring
Built-in
docker-listener wodle captures container lifecycle events from the host socket.File Integrity Monitoring
Real-time FIM on critical directories (
/etc, /bin, /sbin) with change alerts.Vulnerability Detection
Automated vulnerability feed updates every 60 minutes with indexed results.
Security Configuration Assessment
CIS Ubuntu 22.04 benchmark scanning via SCA with configurable policy interval.
Active Response
Automated responses including
firewall-drop, host-deny, and disable-account.Get Started
Clone the repository and configure your environment
Copy
.env.example to .env and set your credentials and network settings.Generate TLS certificates
Run the certificate generator compose file to produce all required PEM files.
The
scripts/wazuh-dev.sh helper script validates prerequisites, sets vm.max_map_count, hashes passwords, generates certificates, and starts the stack — all in one command. See the Quickstart for the full walkthrough.