Skip to main content

Security monitoring for OpenSearch Dashboards

Comprehensive plugins for threat detection, compliance management, and endpoint visibility. Monitor security events, detect vulnerabilities, and maintain compliance across your infrastructure.

Get startedAPI reference

Quick start

Get up and running with Wazuh Dashboard Plugins in minutes

1

Install the plugins

Install Wazuh Dashboard Plugins compatible with your OpenSearch Dashboards version. The plugins are distributed as part of the Wazuh platform or can be built from source.
# Download the plugin package
wget https://packages.wazuh.com/wazuhapp/wazuhapp-5.0.0-3.5.0.zip

# Install the plugin
/usr/share/wazuh-dashboard/bin/opensearch-dashboards-plugin install file:///path/to/wazuhapp-5.0.0-3.5.0.zip
Ensure your OpenSearch Dashboards version matches the plugin compatibility requirements. See the compatibility page for version mappings.
2

Configure the Wazuh API connection

Configure the connection to your Wazuh server API in the OpenSearch Dashboards settings. You can add multiple API hosts for high availability.
opensearch_dashboards.yml
wazuh.hosts:
  - production:
      url: https://wazuh-api.example.com
      port: 55000
      username: wazuh-admin
      password: wazuh-password
      run_as: false
Enable run_as mode to allow users to authenticate with their own Wazuh credentials instead of using a shared API user.
3

Access the dashboard

Restart OpenSearch Dashboards and navigate to the Wazuh application. The plugins will initialize the required index patterns and health checks automatically.
systemctl restart wazuh-dashboard
Open your browser and go to https://your-dashboard-url/app/wazuh. You’ll see the main dashboard with agent overview, security events, and threat hunting capabilities.
4

Deploy your first agent

Deploy a Wazuh agent to start monitoring endpoints. Agents collect security data and send it to the Wazuh server for analysis.
Linux
curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg
echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
apt-get update
apt-get install wazuh-agent
Once the agent is registered and connected, you’ll see it in the Agents section of the dashboard with real-time monitoring data.

Explore by topic

Dive into specific areas of security monitoring and compliance

Threat hunting

Browse security alerts, identify threats, and investigate incidents across your infrastructure

File integrity monitoring

Track changes to critical files, including permissions, content, ownership, and attributes

Vulnerability detection

Discover applications affected by known vulnerabilities and prioritize remediation

Compliance monitoring

Maintain compliance with PCI DSS, GDPR, HIPAA, NIST 800-53, and TSC frameworks

Cloud integrations

Monitor AWS, GCP, Azure, Office 365, and GitHub for security events and misconfigurations

Agent management

Deploy, configure, and monitor Wazuh agents across your endpoint infrastructure

Key features

Everything you need for comprehensive security monitoring

Real-time threat detection

Monitor security events in real-time with advanced correlation rules and MITRE ATT&CK mapping

Compliance automation

Automated compliance reporting for regulatory frameworks with customizable dashboards

Cloud-native monitoring

Native integrations with AWS, GCP, Azure, and other cloud providers for comprehensive visibility

Developer-friendly API

Comprehensive plugin architecture with React components and RESTful API integration

Resources

Everything you need to get started and stay informed

GitHub repository

View source code, report issues, and contribute to development

View on GitHub

Official documentation

Complete Wazuh platform documentation including installation and configuration

Read the docs

Community Slack

Join the Wazuh community to ask questions and share knowledge

Join Slack

Ready to start monitoring?

Get started with Wazuh Dashboard Plugins today and gain comprehensive visibility into your security posture. Follow our quickstart guide to deploy your first monitored environment.

Start the quickstart