The FreeBSD Project

Wazuh on FreeBSD

Links:
Wazuh URL: https://www.wazuh.com/

Contact: José Alonso Cárdenas Márquez <acm@FreeBSD.org>

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments.

Wazuh solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents. Besides, Wazuh has been fully integrated with the Elastic Stack or OpenSearch Stack, providing a search engine and data visualization tool that allows users to navigate through their security alerts.

During this quarter, there were many bugfixes and improvements to wazuh ports.

Update bundle python to 3.11.11
Update textproc/opensearch dependency to 2.16.x
Update textport/opensearch-dashboards dependency to 2.16.x
Update databases/py-pyarrow whl to 19.0.1

A quickly Wazuh jail installation to test it can be done using Wazuh AppJail-Makejails.

A big thank to Entersekt for sponsor my work. Now I can use a RockPro64 (aarch64) for Wazuh testing/packaging.

People interested in helping with the project are welcome.

Current version: 4.11.0

TODO

Add Wazuh cluster-mode infrastructure AppJail makejails
Add vulnerability detection support to FreeBSD Wazuh agent
Add FreeBSD like official support platform by Wazuh Inc
Update FreeBSD SCA Policies to new FreeBSD CIS Benchmark

Sponsor: Entersekt

Last modified on: April 13, 2025 by Alonso Cárdenas Márquez