Wazuh Commands

Wazuh

Great Open Source Security Tool for Network Servers

Monitor Network Computer Traffic - Must Have
Map count has to be 262144 for Wazuh to work.
Check with:
$ sysctl vm.max_map_count
If you need to change it:
$ sudo sysctl -w vm.max_map_count=262144
Add it to the config file to make it permanent.
The config file is /etc/sysctl.conf:
$ sudo nano /etc/sysctl.conf
and add this line to the file:
vm.max_map_count=262144

Must be root for all steps.
Pick a place to put the clone.

e.g. cd ~/home

$ sudo git clone https://github.com/wazuh/wazuh-docker.git -b v4.4.5
$ cd wazuh-docker/single-node
$ sudo docker-compose -f generate-indexer-certs.yml run --rm generator
The default port it will bind to is 443 (https). I am already running my webpage on Apache, which is running on 443 and on 80 for http, so I set the port from 443 to an available port. I chose 3000. You can check what ports are open with:
$ sudo netstat -tunlp
$ sudo nano docker-compose.yml
$ sudo docker-compose up -d
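
Added example (not part of the original notes): preflight helpers for the steps above that check vm.max_map_count, persist it without duplicating the line in the sysctl file, and confirm the host port chosen for the dashboard has no listener. The function names and the sample netstat lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original notes. Function names are illustrative.
REQUIRED_MAP_COUNT=262144

# Constructed sample of `netstat -tunlp` output (Apache on 443/80, as in the notes).
SAMPLE_LISTENERS='tcp   0  0 0.0.0.0:443      0.0.0.0:*  LISTEN  812/apache2
tcp6  0  0 :::80            :::*       LISTEN  812/apache2
tcp   0  0 127.0.0.1:13000  0.0.0.0:*  LISTEN  977/example
udp   0  0 0.0.0.0:68       0.0.0.0:*          640/dhclient'

# Succeed if the given value meets the map count Wazuh needs.
map_count_ok() {
    [ "$1" -ge "$REQUIRED_MAP_COUNT" ] 2>/dev/null
}

# Set vm.max_map_count in a sysctl file (default /etc/sysctl.conf) without
# leaving duplicate or stale entries behind when run more than once.
persist_map_count() {
    conf=${1:-/etc/sysctl.conf}
    tmp=$(mktemp) || return 1
    # Keep every line except an existing vm.max_map_count setting.
    grep -Ev '^[[:space:]]*vm\.max_map_count[[:space:]]*=' "$conf" > "$tmp" 2>/dev/null || true
    printf 'vm.max_map_count=%s\n' "$REQUIRED_MAP_COUNT" >> "$tmp"
    # Write back in place so the file keeps its owner and mode.
    cat "$tmp" > "$conf" && rm -f "$tmp"
}

# Read `netstat -tunlp` output on stdin; succeed if no TCP listener holds the
# port. The ":" anchor keeps 3000 from matching a listener on 13000.
port_free() {
    awk -v port="$1" '$1 ~ /^tcp/ && $4 ~ (":" port "$") { busy = 1 }
                      END { exit busy + 0 }'
}

# Live check before `docker-compose up -d`; pass the host port chosen for the dashboard.
preflight() {
    rc=0
    map_count_ok "$(cat /proc/sys/vm/max_map_count)" ||
        { echo "vm.max_map_count is below $REQUIRED_MAP_COUNT"; rc=1; }
    netstat -tunlp 2>/dev/null | port_free "$1" ||
        { echo "port $1 already has a listener"; rc=1; }
    return "$rc"
}
```

Source the file and run `preflight 3000` as root on the Docker host; a non-zero return means one of the two checks failed.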

To Remove Agents in Wazuh

$ apt-get remove wazuh-agent
$ apt-get remove --purge wazuh-agent