Wazuh Agent on an Anubiz Offshore VPS
Wazuh is open-source SIEM with agents on each host reporting to a central manager. On an Anubiz fleet you point each VPS agent at one Wazuh manager (could be another Anubiz VPS or your own infra) and gain file integrity monitoring, vuln scanning, SCA (security configuration assessment) and syscall-level audit. This guide is the agent install on a single Anubiz VPS, assuming a Wazuh manager already exists.
Need this done for your project?
We implement, you ship. Async, documented, done in days.
Step 1: Install Agent
From the Wazuh repo, apt install wazuh-agent. Edit /var/ossec/etc/ossec.conf: set <server><address>manager-ip</address></server>. Pre-shared key from the manager's agent-add tool.
Step 2: File Integrity Monitoring
Default config monitors /etc, /usr/bin, /usr/sbin. Add app dirs: <directories check_all="yes">/var/www</directories>.
Step 3: Vulnerability Detection
Manager-side feeds CVE data. The agent ships installed package list; manager correlates. Reports show CVEs by severity per host.
Step 4: Audit Daemon Hook
Wazuh integrates with auditd. Enable auditd on the VPS, Wazuh sends syscall-level events to the manager for the rules you care about (sudo, mount, ptrace).
Step 5: SCA
Run SCA policies (CIS, PCI). Each policy is a YAML of checks like SSH config and sysctl values. Output a compliance score per host on the manager dashboard.
Related Services
Why Anubiz Host
Ready to get started?
Skip the research. Tell us what you need, and we'll scope it, implement it, and hand it back — fully documented and production-ready.