This instructions are taken from the Official Wazuh Docker Repo. For our purposes only the first two steps are needed.
This deployment is defined in the docker-compose.yml file with one Wazuh manager containers, one Wazuh indexer containers, and one Wazuh dashboard container. It can be deployed by following these steps:
- Increase max_map_count on your host (Linux). This command must be run with root permissions:
$ sysctl -w vm.max_map_count=262144
- Run the certificate creation script:
$ docker-compose -f generate-indexer-certs.yml run --rm generator
- Start the environment with docker-compose:
- In the foregroud:
$ docker-compose up
- In the background:
$ docker-compose up -d
The environment takes about 1 minute to get up (depending on your Docker host) for the first time since Wazuh Indexer must be started for the first time and the indexes and index patterns must be generated.