Skip to content

Commit

Permalink
improve docs
Browse files Browse the repository at this point in the history
  • Loading branch information
nkowenski committed Oct 26, 2024
1 parent fd526a7 commit aabe9f7
Showing 1 changed file with 19 additions and 5 deletions.
24 changes: 19 additions & 5 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,6 @@
# wazuh-agent-container
Wazuh agent on a container. Wazuh Docker agent.


This repo uses some code form [pyToshka](https://github.com/pyToshka/docker-wazuh-agent) which uses the enrollment using the API, but it stops working after a while.
It also uses some code from [NoEnv](https://github.com/NoEnv/docker-wazuh-agent) which uses the agent configuration for enrollment, but it does not allow to inject config from enviroment variables, and its also outdated.

So here we render the config form the enviroment variables and then let the agent do the magic.
We mount the root fs on /rootfs and on the config we specify the directories to whach inside this mounted rootfs folder.

Expand All @@ -23,4 +19,22 @@ You can use podman or docker. they are compatible:
-e VIRUS_TOTAL_KEY=youtkeyhere \
-v /etc/os-release:/etc/os-release \
-v /var/ossec/local_internal_options.conf:/var/ossec/etc/local_internal_options.conf \
-v /var/ossec/client.keys:/var/ossec/etc/client.keys quay.io/flag5/wazuh-agent
-v /var/ossec/client.keys:/var/ossec/etc/client.keys quay.io/flag5/wazuh-agent

# Config.

The idea is one have to fork this repo and modify the config as requried.
Initially we mount the root folder of the node into /rootfs and on the config we refer this path whatever is needed.


# Sources


There are 2 ways of enrolling an agent ([docs](https://documentation.wazuh.com/current/user-manual/agent/agent-enrollment/enrollment-methods/index.html)).

The recommended is to let the agent erroll using the config.

This repo uses some code form [pyToshka](https://github.com/pyToshka/docker-wazuh-agent) which uses the enrollment using the API, but it stops working after a while.
It also uses some code from [NoEnv](https://github.com/NoEnv/docker-wazuh-agent) which uses the agent configuration for enrollment, but it does not allow to inject config from enviroment variables, and its also outdated.

Source: https://github.com/zakkg3/wazuh-agent-container

0 comments on commit aabe9f7

Please sign in to comment.