Access Wazuh Dashboard
URL: https://<SERVER_IP>
ข้อมูลการเข้าสู่ระบบ:
- ชื่อผู้ใช้:
admin - รหัสผ่าน: ถูกเก็บไว้ใน
/root/wazuh-install-files.tar
Access Stored Passwords
All default passwords for Wazuh Manager, API, Indexer, and agents are included in the tar archive.
ไฟล์: /root/wazuh-install-files.tar
To extract the passwords:
tar -O -xvf /root/wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt
Open Ports
Make sure these ports are allowed in the firewall:
443: Wazuh Dashboard HTTPS9200: Wazuh Indexer API (Elasticsearch)55000: Agent to Manager communication (TCP)1514: Wazuh Remoted syslog (TCP)1515: Wazuh Remoted additional syslog (TCP)
ไฟล์และไดเร็กทอรีที่สำคัญ
- Password archive:
/root/wazuh-install-files.tar - Manager configuration files:
/var/ossec/etc/(containsossec.conf, rules, decoders) - Manager logs:
/var/ossec/logs/ossec.log - Manager data directories:
/var/ossec/queue/,/var/ossec/active-responses/ - Dashboard configuration:
/etc/wazuh-dashboard/(containsdashboard.yml, SSL certificates) - Dashboard logs:
/var/log/wazuh-dashboard/ - Indexer configuration:
/etc/wazuh-indexer/(containselasticsearch.yml, roles) - Indexer data:
/var/lib/wazuh-indexer/ - Indexer logs:
/var/log/wazuh-indexer/
การจัดการบริการ
ตรวจสอบสถานะ:
systemctl status wazuh-manager
systemctl status wazuh-api
systemctl status wazuh-dashboard
systemctl status wazuh-indexer
เริ่มบริการใหม่:
systemctl restart wazuh-manager wazuh-api wazuh-dashboard wazuh-indexer
Viewing logs:
tail -f /var/ossec/logs/ossec.log
tail -f /var/log/wazuh-dashboard/wazuh-dashboard.log
tail -f /var/log/wazuh-indexer/wazuh-indexer.log
Notes and Recommendations
- The Wazuh Dashboard runs on HTTPS by default.
- ตรวจสอบให้แน่ใจว่าท่าเรือ
443,9200,55000,1514, และ1515are open for full functionality. - Use the extracted passwords in
/root/wazuh-install-files.tarfor agent registration and API access.