The Wazuh server is the core component of the Wazuh security platform, responsible for analyzing, processing, and correlating the data received from the deployed agents. It acts as the central intelligence hub, running the Wazuh manager which handles functions such as rule-based analysis for threat detection, configuration management for agents, and communication with the Elastic Stack (or other SIEM platforms) for indexing and visualization. The Wazuh server is essential for performing advanced security operations like intrusion detection, security assessment, and compliance enforcement across the monitored infrastructure.
In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens displaying icons of external service providers available.
Select the Wazuh Server icon. A dialog box with name of the connection and connection methods appear.
(Optional) Edit the name of the connection. At a later stage you cannot edit the name.
Select Username & Password as the method to create the connection.
Fill in the parameters:
The API Address
The Username
The Password
(Optional) Click Test Connection to test it.
Click Create connection. The new connection appears on the Connections page.