Overview
Wazuh Dashboard Plugins is a set of plugins for Wazuh Dashboard that provides a comprehensive security visibility and compliance management interface. Built on OpenSearch Dashboards, these plugins enable you to visualize and analyze security data, manage your Wazuh infrastructure, and maintain regulatory compliance.Current version: 5.0.0-alpha0 for OpenSearch Dashboards 3.5.0
What is Wazuh?
Wazuh is an open-source security detection, visibility, and compliance platform. It helps you gain deeper security visibility into your infrastructure by monitoring hosts at both operating system and application levels. The dashboard plugins provide the user interface for interacting with your Wazuh deployment.Plugin Architecture
The Wazuh Dashboard Plugins repository contains three core plugins:Main Plugin (wazuh)
The primary plugin providing the full Wazuh dashboard experience.- Plugin ID:
wazuh - Version: 5.0.0
- Platform Version: 3.5.0
Wazuh Core Plugin (wazuhCore)
Core services and utilities shared across Wazuh plugins.- Plugin ID:
wazuhCore - Version: 5.0.0
- Description: Provides shared functionality and services
Wazuh Check Updates Plugin (wazuhCheckUpdates)
Monitors and notifies about available Wazuh updates.- Plugin ID:
wazuhCheckUpdates - Version: 5.0.0
- Description: Automatic update checking and notification system
Key Capabilities
The Wazuh Dashboard Plugins provide comprehensive security monitoring across multiple use cases:Security Information Management
Security Events
Browse security alerts, identify issues and threats in your environment
Integrity Monitoring
Track file changes including permissions, content, ownership, and attributes
Cloud Security
Monitor AWS, Office 365, GitHub, and Google Cloud Platform security events
Auditing and Policy Monitoring
- Policy Monitoring: Verify systems are configured according to security policies
- Security Configuration Assessment: Scan assets as part of configuration audits
- System Auditing: Monitor user behavior, command execution, and critical file access
Threat Detection and Response
- Vulnerability Detection: Discover applications affected by known vulnerabilities
- MITRE ATT&CK: Map security alerts to adversary tactics and techniques
- VirusTotal Integration: Analyze suspicious files via VirusTotal API
- Docker Monitoring: Track container activity and lifecycle events
Regulatory Compliance
Built-in compliance monitoring for:- PCI DSS: Payment Card Industry Data Security Standard
- NIST 800-53: Federal information systems guidelines
- GDPR: General Data Protection Regulation
- HIPAA: Health Insurance Portability and Accountability Act
- TSC: Trust Services Criteria
Technology Stack
The plugins are built using modern web technologies:- OpenSearch - Data storage and search engine
- OpenSearch OUI Framework - UI component library
- React - UI framework for modern components
- Redux - State management
- AngularJS - Legacy UI components
- Node.js - Server-side runtime (v22.22.0)
- TypeScript - Type-safe development
Plugin Features
Visualization and Analysis
- Interactive dashboards for security events
- Real-time alert monitoring
- Advanced filtering and search capabilities
- Custom visualization creation
Configuration Management
- View and edit Wazuh server configuration
- Manage agent groups
- Check cluster status and logs
- API configuration through Dev Tools
Agent Management
- Monitor agent status and health
- View agent configuration and inventory
- Deploy new agents
- Agent upgrade management
Data Sources
The plugins work with multiple index patterns to organize security data:Next Steps
Installation
Install and configure Wazuh Dashboard Plugins
Quickstart
Get started with a quick setup guide
Compatibility
Check version compatibility requirements
Contributing
Contribute to the project