Wazuh Monitoring (Live)

Real-time monitoring of servers and workstations with Wazuh. Track your system security — agents, alerts, vulnerabilities, file integrity, and configuration changes. Visualization with OpenSearch and Grafana in live mode.

Live Refresh: every 30s • Period: last 24 hours

Demo view (read-only) Demo user: view_only / Password: Wazuh2025?-

Wazuh Dashboard — ns1 (001)

Wazuh Security Monitoring (Live)

The Wazuh dashboard provides centralized visibility over security events across all monitored servers and devices. It uses Filebeat for log collection, Elasticsearch (Wazuh Indexer) for indexing, and OpenSearch Dashboards for visualization.

The system analyzes real incidents and correlates data using MITRE ATT&CK, detecting failed logins, file integrity changes (FIM), rootkit detections, vulnerabilities (CVE), and SCA results.

When a threat is detected, Wazuh can send alerts via Email, Telegram, or Slack with details about the source, agent, and threat level. Through integrations with Prometheus and Alertmanager, security and performance data are combined for a complete infrastructure overview.

Security Events

Real-time logs from ns1 (agent 001): logins, failures, SSH brute-force, root/sudo actions, FIM, and more.

Vulnerabilities (CVE)

Overview of known weaknesses in packages or kernel. Prioritized by CVSS with recommended fixes.

SCA & MITRE ATT&CK

Configuration checks against security benchmarks, mapped to ATT&CK techniques for rapid response.