try.directtry.direct
+(373) 60 775 719

Dashboard

/

Home

/

Applications

/

elk-wazuh

elk-wazuh

What is ELK + Wazuh stack


ELK (Elasticsearch, Logstash, Kibana) + Wazuh stack is built with Docker Compose. This stack enables you to create your own security monitoring server based on Wazuh, where ELK is used to aggregate and analyze logs from all the systems and apps, timely detecting threats and monitoring integrity. You can add as many Wazuh agents as the server resources allow. It is recommended to choose the server with at least 4 GB of RAM, 2xCPU and SSD disk for better performance.


What does ELK + Wazuh stack include

  • Nginx
  • Kibana
  • Elasticsearch
  • Logstash
  • Wazuh
  • Curator

Docker images used:


NGINX versions

https://hub.docker.com/repository/docker/trydirect/nginx


NGINX-WAF versions

https://hub.docker.com/repository/docker/trydirect/nginx-waf


Kibana versions

https://hub.docker.com/r/wazuh/wazuh-kibana


Elasticsearch versions

https://hub.docker.com/r/wazuh/wazuh-elasticsearch


Logstash versions

https://hub.docker.com/r/wazuh/wazuh-logstash


Wazuh versions

https://hub.docker.com/r/wazuh/wazuh


Curator versions

https://hub.docker.com/repository/docker/trydirect/curator



What is ELK + Wazuh

"ELK" is the acronym used to refer to the three open-source projects:

  • Elasticsearch is a search and analytics engine designed for substantial data volumes storage, search, and analysis.
  • Logstash is a server‑side data processing pipeline, allowing you to collect data from multiple sources at the same time, convert it on the go, and then send it to the destination you choose. Elasticsearch in this case.
  • Kibana is an open-source user interface, letting users visualize data with intuitive charts and graphs in Elasticsearch.

In its turn, Wazuh is an open-source security monitoring solution used for data collection, aggregation, indexing, and analysis. It helps institutions detect cyber threats, investigate them and respond accordingly.


Who is using ELK + Wazuh stack

  • Data analysts
  • Application developers
  • Data protection officers
  • CyberSecurity experts
  • Web developers

What are the benefits of using ELK + Wazuh stack

  • TryDirect takes over the pretty difficult software installation and pre-configuration process
  • We provide all the config files on the server available to you for tuning and reconfiguration
  • The IT security professionals get a decent starting point
  • You can upgrade/downgrade your application to the most recent version in a couple of clicks
  • Your app is starting up faster and is performing better

Number of servers required

Single VPS

Companion apps

Usually installed alongside
Portainer CE
Portainer CE
What is Portainer ?
Custom Optimization
Custom Optimization
Netdata self-hosted
Netdata self-hosted
What is Netdata?