{"id":15061,"date":"2022-12-02T13:58:11","date_gmt":"2022-12-02T10:58:11","guid":{"rendered":"https:\/\/kifarunix.com\/?p=15061"},"modified":"2024-03-09T23:31:51","modified_gmt":"2024-03-09T20:31:51","slug":"install-wazuh-agent-on-pfsense","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-wazuh-agent-on-pfsense\/","title":{"rendered":"Install Wazuh Agent on pfSense"},"content":{"rendered":"\n<p>In this guide, you will learn how to install Wazuh agent on pfSense. <a href=\"https:\/\/www.pfsense.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">pfSense<\/a> is the world&#8217;s most trusted opensource firewall which also doubles up as an opensource router. On the other hand, <em><a href=\"https:\/\/wazuh.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Wazuh<\/a><\/em>&nbsp;is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance. Wazuh agents are used to collect log and event data from the remote end points that are being monitored and ship to the Wazuh server which then analyzes the event data and triggers <em>alerts when threats or anomalies are detected<\/em>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Installing Wazuh Agent on pfSense<\/h2>\n\n\n\n<p>Ensure that you have Wazuh manager up and running before you can proceed.<\/p>\n\n\n\n<p>We have covered installation and setup of Wazuh manager server on various systems in our previous guides.<\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-and-configure-wazuh-manager-on-ubuntu-22-04\/\" target=\"_blank\" rel=\"noreferrer noopener\">Install and Configure Wazuh Manager on Ubuntu 22.04<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-wazuh-server-on-rocky-linux-8\/\" target=\"_blank\" rel=\"noreferrer noopener\">Install Wazuh Server on Rocky Linux 8<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-and-setup-wazuh-server-in-centos-8-fedora-32\/\" target=\"_blank\" rel=\"noreferrer noopener\">Install and Setup Wazuh Server in CentOS 8\/Fedora 32<\/a><\/p>\n\n\n\n<p>Once the server is up and running, you can proceed to install the agent on pfSense.<\/p>\n\n\n\n<p>Well, it is good to note that pfSense software is based on FreeBSD OS.<\/p>\n\n\n\n<p>In my demo environment, we are running pfSense 2.6.0;<\/p>\n\n\n\n<p>You can confirm from the command line;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cat \/etc\/version<\/code><\/pre>\n\n\n\n<p>Sample output;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>2.6.0-RELEASE<\/code><\/pre>\n\n\n\n<p>Or from the pfSense dashboard;<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-release-version-and-os-version.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1457\" height=\"565\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-release-version-and-os-version.png\" alt=\"Install Wazuh Agent on pfSense\" class=\"wp-image-15064\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-release-version-and-os-version.png?v=1671639500 1457w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-release-version-and-os-version-768x298.png?v=1671639500 768w\" sizes=\"(max-width: 1457px) 100vw, 1457px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>As you can see, we have pfSense 2.6.0 based on FreeBSD 12.3.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Enable the use of FreeBSD Official Repositories on pfSense<\/h3>\n\n\n\n<p>Wazuh packages are not available on the official pfSense repositories. Thus the only way we can install Wazuh agent is via the use of official FreeBSD repos.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote td_pull_quote td_pull_center is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>NOTE<\/strong>: Installing software\/packages from FreeBSD repositories on pfSense can easily brick your system. This method is neither supported nor recommended by Netgate. Thus, if you have decided to proceed in this manner, then take utmost caution. We cannot be held responsible for whatever happens to your system.<\/p>\n<\/blockquote>\n\n\n\n<p>To enable the use of FreeBSD repositories on pfSense;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Edit the file <strong><code>\/usr\/local\/etc\/pkg\/repos\/FreeBSD.conf<\/code><\/strong>;<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>vi \/usr\/local\/etc\/pkg\/repos\/FreeBSD.conf<\/code><\/pre>\n\n\n\n<p>and change the line;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>FreeBSD: { enabled: <strong>no<\/strong>  }<\/code><\/pre>\n\n\n\n<p>to;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>FreeBSD: { enabled: <strong>yes<\/strong>  }<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Edit the file <strong><code>\/usr\/local\/etc\/pkg\/repos\/pfSense.conf<\/code><\/strong>;<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>vi \/usr\/local\/etc\/pkg\/repos\/pfSense.conf<\/code><\/pre>\n\n\n\n<p>and change the line;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>FreeBSD: { enabled: <strong>no<\/strong>  }<\/code><\/pre>\n\n\n\n<p>to;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>FreeBSD: { enabled: <strong>yes<\/strong>  }<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Run Package Repository Catalogues Update<\/h3>\n\n\n\n<p>Once you have enabled the FreeBSD repositories, run the command below to updates package repository catalogues;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>pkg update<\/code><\/pre>\n\n\n\n<p>Sample output;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>Updating FreeBSD repository catalogue...\nFetching meta.conf: 100%    163 B   0.2kB\/s    00:01    \nFetching packagesite.pkg: 100%    6 MiB   1.7MB\/s    00:04    \nProcessing entries: 100%\nFreeBSD repository update completed. 33014 packages processed.\nUpdating pfSense-core repository catalogue...\npfSense-core repository is up to date.\nUpdating pfSense repository catalogue...\npfSense repository is up to date.\nAll repositories are up to date.\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Check Available Wazuh Agent from FreeBSD Repos<\/h3>\n\n\n\n<p>As of this writing, Wazuh 4.3.10 is the <a href=\"https:\/\/documentation.wazuh.com\/current\/release-notes\/index.html\" target=\"_blank\" rel=\"noreferrer noopener\">current stable release version<\/a>. Thus run the command below to check what version is provided by the official FreeBSD repositories;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>pkg search wazuh-agent<\/code><\/pre>\n\n\n\n<p>Sample output;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>wazuh-agent-4.3.10_1           Security tool to monitor and check logs and intrusions (agent)<\/code><\/pre>\n\n\n\n<p>So we go the latest stable release Wazuh package!<\/p>\n\n\n\n<p>We are also running Wazuh Manager 4.3.10!<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\/var\/ossec\/bin\/wazuh-control info<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>WAZUH_VERSION=\"v4.3.10\"\nWAZUH_REVISION=\"40323\"\nWAZUH_TYPE=\"server\"<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Installing Wazuh Agent<\/h3>\n\n\n\n<p>You can now install Wazuh agent package as follows;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>pkg install wazuh-agent<\/code><\/pre>\n\n\n\n<p>Sample installation command output;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>Updating FreeBSD repository catalogue...\nFreeBSD repository is up to date.\n...\n...\n=====\nMessage from wazuh-agent-4.3.10_1:\n\n--\n<strong>Wazuh Agent was installed\n\n1) Copy \/etc\/locatime to \/var\/ossec\/etc directory\n\n   # cp \/etc\/localtime \/var\/ossec\/etc\n\n2) You must edit \/var\/ossec\/etc\/ossec.conf.sample for your setup and rename\/copy\n   it to ossec.conf\n\n   Take a look wazuh configuration at the following url:\n\n   https:\/\/documentation.wazuh.com\/current\/user-manual\/index.html\n\n3) You can find additional useful files installed at\n\n  # \/var\/ossec\/packages_files\/agent_installation_scripts\n\n4) Add Wazuh agent to \/etc\/rc.conf\n\n  # sysrc wazuh_agent_enable=\"YES\"\n\n5) Start Wazuh agent\n\n  # service wazuh_agent start\n\n6) Enjoy it ;)<\/strong>\n<\/code><\/pre>\n\n\n\n<p>The installation summary gives how to finalize Wazuh agent setup on pfSense.<\/p>\n\n\n\n<p>As suggested;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Copy \/etc\/locatime to \/var\/ossec\/etc directory<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>cp \/etc\/localtime \/var\/ossec\/etc<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Rename the sample Wazuh agent configuration file, <strong><code>\/var\/ossec\/etc\/ossec.conf.sample<\/code><\/strong> to <strong><code>\/var\/ossec\/etc\/ossec.conf<\/code><\/strong>.<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>cp \/var\/ossec\/etc\/ossec.conf{.sample,}<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Edit the Wazuh agent config file and set the Wazuh manager IP;<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>vi \/var\/ossec\/etc\/ossec.conf<\/code><\/pre>\n\n\n\n<p>Change the section;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>    &lt;server&gt;\n      &lt;address&gt;<strong>IP<\/strong>&lt;\/address&gt;\n    &lt;\/server&gt;<\/code><\/pre>\n\n\n\n<p>to;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>    &lt;server&gt;\n      &lt;address&gt;<strong>192.168.58.22<\/strong>&lt;\/address&gt;\n    &lt;\/server&gt;<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Add extract pfSense logs to monitor;<\/li>\n<\/ul>\n\n\n\n<p>In my demo setup, apart from the default log files monitored by Wazuh by default;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>  &lt;!-- Log analysis --&gt;\n  &lt;localfile&gt;\n    &lt;log_format&gt;syslog&lt;\/log_format&gt;\n    &lt;location&gt;\/var\/ossec\/logs\/active-responses.log&lt;\/location&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;syslog&lt;\/log_format&gt;\n    &lt;location&gt;\/var\/log\/messages&lt;\/location&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;syslog&lt;\/log_format&gt;\n    &lt;location&gt;\/var\/log\/auth.log&lt;\/location&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;syslog&lt;\/log_format&gt;\n    &lt;location&gt;\/var\/log\/syslog&lt;\/location&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;command&lt;\/log_format&gt;\n    &lt;command&gt;df -P&lt;\/command&gt;\n    &lt;frequency&gt;360&lt;\/frequency&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;full_command&lt;\/log_format&gt;\n    &lt;command&gt;netstat -tan |grep LISTEN |grep -v 127.0.0.1 | sort&lt;\/command&gt;\n    &lt;frequency&gt;360&lt;\/frequency&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;full_command&lt;\/log_format&gt;\n    &lt;command&gt;last -n 5&lt;\/command&gt;\n    &lt;frequency&gt;360&lt;\/frequency&gt;\n  &lt;\/localfile&gt;\n<\/code><\/pre>\n\n\n\n<p>I will add some more;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\/var\/log\/openvpn.log\n\/var\/log\/system.log\n\/var\/log\/gateways.log\n\/var\/log\/userlog<\/code><\/pre>\n\n\n\n<p>As shown below;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>  &lt;localfile&gt;\n    &lt;log_format&gt;syslog&lt;\/log_format&gt;\n    &lt;location&gt;\/var\/log\/openvpn.log&lt;\/location&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;syslog&lt;\/log_format&gt;\n    &lt;location&gt;\/var\/log\/system.log&lt;\/location&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;syslog&lt;\/log_format&gt;\n    &lt;location&gt;\/var\/log\/gateways.log&lt;\/location&gt;\n  &lt;\/localfile&gt;\n\n  &lt;localfile&gt;\n    &lt;log_format&gt;syslog&lt;\/log_format&gt;\n    &lt;location&gt;\/var\/log\/userlog&lt;\/location&gt;\n  &lt;\/localfile&gt;\n<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable and start Wazuh agent;<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sysrc wazuh_agent_enable=\"YES\"<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>\/var\/ossec\/bin\/wazuh-control start<\/code><\/pre>\n\n\n\n<p>Sample output;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>Starting Wazuh v4.3.10...\nStarted wazuh-execd...\nStarted wazuh-agentd...\n2022\/12\/21 20:47:01 wazuh-syscheckd: WARNING: The check_unixaudit option is deprecated in favor of the SCA module.\nStarted wazuh-syscheckd...\nStarted wazuh-logcollector...\nStarted wazuh-modulesd...\nCompleted.\n<\/code><\/pre>\n\n\n\n<p>You can check the logs file if any issue;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>tail -f \/var\/ossec\/logs\/ossec.log<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Disable the use of FreeBSD Official Repositories on pfSense<\/h3>\n\n\n\n<p>You can now disable the use of FreeBSD official repositories on pfSense.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sed -iE '\/FreeBSD: { enabled: yes  }\/s\/yes\/no\/' \/usr\/local\/etc\/pkg\/repos\/FreeBSD.conf<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>vi \/usr\/local\/etc\/pkg\/repos\/pfSense.conf<\/code><\/pre>\n\n\n\n<p>and change the line;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>FreeBSD: { enabled: <strong>yes<\/strong>  }<\/code><\/pre>\n\n\n\n<p>to;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>FreeBSD: { enabled: <strong>no<\/strong>  }<\/code><\/pre>\n\n\n\n<p>Update package catalogue;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>pkg clean all<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>pkg update<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Confirm pfSense Wazuh Agent Status on Wazuh Manager<\/h3>\n\n\n\n<p>Login to Wazuh manager interface and confirm the pfSense agent status;<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-status-1.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1890\" height=\"706\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-status-1.png\" alt=\"Install Wazuh Agent on pfSense\" class=\"wp-image-15081\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-status-1.png?v=1671704069 1890w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-status-1-768x287.png?v=1671704069 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-status-1-1536x574.png?v=1671704069 1536w\" sizes=\"(max-width: 1890px) 100vw, 1890px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>As you can see, the pfSense Wazuh agent (pfSense.home.arpa) is connected to the Wazuh server and is up and running.<\/p>\n\n\n\n<p>You can simulate some activities such as;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>successful or failed logins to the server.<\/li>\n\n\n\n<li>e.t.c<\/li>\n<\/ul>\n\n\n\n<p>Now click on the agent to see more details related to events collected from it.<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-events.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1891\" height=\"865\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-events.png\" alt=\"Install Wazuh Agent on pfSense\" class=\"wp-image-15082\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-events.png?v=1671705035 1891w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-events-768x351.png?v=1671705035 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-wazuh-agent-events-1536x703.png?v=1671705035 1536w\" sizes=\"(max-width: 1891px) 100vw, 1891px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>Click on <strong>Security Events<\/strong> to see more event details;<\/p>\n\n\n\n<p>Dashboard<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1888\" height=\"2496\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard.png\" alt=\"\" class=\"wp-image-15083\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard.png?v=1671705217 1888w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard-768x1015.png?v=1671705217 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard-1162x1536.png?v=1671705217 1162w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard-1549x2048.png?v=1671705217 1549w\" sizes=\"(max-width: 1888px) 100vw, 1888px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>Events;<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard-raw.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1887\" height=\"878\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard-raw.png\" alt=\"\" class=\"wp-image-15084\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard-raw.png?v=1671705297 1887w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard-raw-768x357.png?v=1671705297 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/12\/pfsense-agent-events-dashboard-raw-1536x715.png?v=1671705297 1536w\" sizes=\"(max-width: 1887px) 100vw, 1887px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>And that is it on how to install Wazuh agent on pfSense.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Other Tutorials<\/h3>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-wazuh-agent-on-rocky-linux-8\/\" target=\"_blank\" rel=\"noreferrer noopener\">Install Wazuh Agent on Rocky Linux 8<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/easy-way-to-install-wazuh-agents-on-ubuntu-debian\/\" target=\"_blank\" rel=\"noreferrer noopener\">Easy Way to Install Wazuh Agents on Ubuntu\/Debian<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this guide, you will learn how to install Wazuh agent on pfSense. pfSense is the world&#8217;s most trusted opensource firewall which also doubles up<\/p>\n","protected":false},"author":3,"featured_media":15089,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[72,910,121,34,1823],"tags":[6217,6218,6215,6216],"class_list":["post-15061","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-monitoring","category-elastic-stack","category-howtos","category-security","category-wazuh","tag-monitor-pfsense-with-wazuh-agent","tag-pfsense-hids-agent","tag-pfsense-wazuh-agent","tag-wazuh-agent-on-pfsense","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/15061"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=15061"}],"version-history":[{"count":16,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/15061\/revisions"}],"predecessor-version":[{"id":20667,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/15061\/revisions\/20667"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/15089"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=15061"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=15061"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=15061"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}