2.2.2 Ubuntu 18.04安装

与centos7系统设置静态地址有所不同，Ubuntu18.04系统是采用yml格式进行配置，具体静态IP配置如下，注意冒号后面有空格。

root@wazuh-worker-1:~# cat /etc/netplan/00-installer-config.yaml 
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens33:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.1.210/24]
      gateway4: 192.168.1.2
      nameservers:
              addresses: [114.114.114.114,8.8.8.8]
  version: 2

配置完成之后，需要启动netplan apply命令重启网络，再查看IP地址是否更新。

安装Ubuntu18.04的wazuh管理端原理跟centos7系统差不多，也是第一步导入wazuh仓库的公钥文件，用于验证软件包的签名，确定其有效性；

root@wazuh-worker-1:~# curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
OK

第二步导入wazuh仓库的软件包的安装信息；

root@wazuh-worker-1:~# echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
deb https://packages.wazuh.com/4.x/apt/ stable main

第三步，由于导入是直接插入，系统不知道已经有这个软件包，所以需要更新仓库信息，发现wazuh管理端的安装包。

apt-get update -y

已经做完准备工作了，可以直接安装wazuh管理端，使用apt命令进行安装

由于wazuh仓库地址在外网，网络波动比较大，网速很慢，使用apt命令安装的时候，等待时间会比较长，所以我推荐下载到本地进行安装，下载地址如下：

https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-manager/wazuh-manager_4.1.5-1_amd64.deb

接着使用dpkg -i 软件包名进行安装，一些安装信息陆续打印出来，代表着安装成功。

root@wazuh-worker-1:/opt# dpkg -i wazuh-manager_4.1.5-1_amd64.deb 
Selecting previously unselected package wazuh-manager.
(Reading database ... 67182 files and directories currently installed.)
Preparing to unpack wazuh-manager_4.1.5-1_amd64.deb ...
Unpacking wazuh-manager (4.1.5-1) ...
Setting up wazuh-manager (4.1.5-1) ...
Processing triggers for ureadahead (0.100.0-21) ...
Processing triggers for systemd (237-3ubuntu10.42) ...

安装wazuh服务端之后，需要设置开机启动和启动服务。

root@wazuh-worker-1:/opt# systemctl daemon-reload
root@wazuh-worker-1:/opt# systemctl enable wazuh-manager
Synchronizing state of wazuh-manager.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable wazuh-manager
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service → /usr/lib/systemd/system/wazuh-manager.service.
root@wazuh-worker-1:/opt# systemctl start wazuh-manager

查看wazuh服务端服务是否起来

root@wazuh-worker-1:/opt# systemctl status wazuh-manager
● wazuh-manager.service - Wazuh manager
   Loaded: loaded (/usr/lib/systemd/system/wazuh-manager.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2021-06-25 14:10:34 UTC; 44s ago
  Process: 37814 ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-control start (code=exited, status=0/SUCCESS)
    Tasks: 95 (limit: 1077)
   CGroup: /system.slice/wazuh-manager.service
           ├─37882 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
           ├─37922 /var/ossec/bin/ossec-authd
           ├─37938 /var/ossec/bin/wazuh-db
           ├─37961 /var/ossec/bin/ossec-execd
           ├─37975 /var/ossec/bin/ossec-analysisd
           ├─38010 /var/ossec/bin/ossec-syscheckd
           ├─38026 /var/ossec/bin/ossec-remoted
           ├─38062 /var/ossec/bin/ossec-logcollector
           ├─38080 /var/ossec/bin/ossec-monitord
           └─38093 /var/ossec/bin/wazuh-modulesd

Jun 25 14:10:25 wazuh-worker-1 env[37814]: Started wazuh-db...
Jun 25 14:10:26 wazuh-worker-1 env[37814]: Started ossec-execd...
Jun 25 14:10:27 wazuh-worker-1 env[37814]: Started ossec-analysisd...
Jun 25 14:10:28 wazuh-worker-1 env[37814]: Started ossec-syscheckd...
Jun 25 14:10:29 wazuh-worker-1 env[37814]: Started ossec-remoted...
Jun 25 14:10:30 wazuh-worker-1 env[37814]: Started ossec-logcollector...
Jun 25 14:10:31 wazuh-worker-1 env[37814]: Started ossec-monitord...
Jun 25 14:10:32 wazuh-worker-1 env[37814]: Started wazuh-modulesd...
Jun 25 14:10:34 wazuh-worker-1 env[37814]: Completed.
Jun 25 14:10:34 wazuh-worker-1 systemd[1]: Started Wazuh manager.

至此，wazuh管理端安装过程说明完毕，值得注意的是，我设计安装wazuh集群管理所用到的管理端有三台，其中上面安装的是wazuh管理端、wazuh工作者1号，剩下的wazuh工作者2号跟wazuh管理端安装一样。

上一页2.2.1 Centos 7安装下一页2.3 wazuh代理端安装

最后更新于2年前

这有帮助吗？