Wazuh Indexer

Installation guide for Wazuh Indexer

Definition

Wazuh Indexer is a search and indexing engine used to store and query log data. It is a customized fork of OpenSearch, specifically optimized by the Wazuh team to meet security monitoring requirements. The Indexer enables efficient log indexing, search, and alert storage, and is natively integrated with other Wazuh components such as the Wazuh Manager and Dashboard. For more information, refer to the official documentation:
https://documentation.wazuh.com/current/getting-started/components/wazuh-indexer.html

Installation

Since certificate-based security was configured in the OpenSearch section, you should skip the initial setup steps and begin from the "Nodes Installation" section of the Wazuh Indexer documentation:

👉 https://documentation.wazuh.com/current/installation-guide/wazuh-indexer/step-by-step.html#nodes-installation

Note:

Make sure to use the same certificates and passwords defined during the OpenSearch setup to avoid security conflicts.

Note:

Do apt-mark hold wazuh-indexer rather removing the package link so it can't be upgraded automaticaly

PreviousOpensearch

NextManager

Getting Started

Installation

Wazuh

Wazuh Indexer

Definition

Installation

On this page