Wazuh Deployment and Testing

Step-by-step deployment guide covering Wazuh Manager installation, agent setup, and alert validation
1

Installing Wazuh Manager

Reference

Web Link: https://documentation.wazuh.com/current/quickstart.html

WebPage Snapshot
Screenshot
Installation Command

Copied cmd and pasted into Kali terminal

Screenshot

Wazuh installation is done, credentials are highlighted below.

Screenshot
Access Dashboard

Open browser and enter: https://<wazuh-dashboard-ip>:443

Screenshot

Enter Credentials on login page

Screenshot
Wazuh Dashboard
Screenshot
2

Wazuh Agent Installation on Endpoints

Go to Wazuh Dashboard, click on Deploy New Agent and select your machine type, then enter Wazuh Manager PC IP address.

Screenshot Screenshot
Copy Command

Copy Cmd

Screenshot
Run on Endpoint

Paste the copied cmd on your Endpoint

Screenshot Screenshot
Start Agent

Now Copy Start agent cmd from Wazuh Dashboard

Screenshot

Paste copied cmd on endpoint.

Screenshot
Result

Agent deployment completed.

Screenshot
Verify Step 3

To verify — Go to Wazuh Dashboard and check

You can see here — in agent list our endpoint is listed now.

Screenshot
3

Alert Testing

Endpoint Details

This is my Endpoint IP address

Screenshot
Nmap Scan

Now I will do Nmap Scan using Kali and check the alert on Wazuh

Started Scanning

Screenshot Screenshot
Alert Triggered

Dashboard is showing an alert stating Reconnaissance

Reconnaissance In simple terms — gathering information about a target before attacking. (Eg. Think of it like a thief studying a bank before robbing it — checking entry points, guard shifts, cameras — without touching anything yet.)
Screenshot Screenshot Screenshot
Hence our Wazuh Manager and deployed agent both are working correctly.