Found 276 repositories (showing 30)
wazuh
Wazuh - Docker containers
0xMR007
Lab4PurpleSec is a modular Purple Team homelab combining a vulnerable Active Directory environment (GOAD), a Docker-based web DMZ, pfSense + Suricata, and a Wazuh SIEM. It provides a realistic, open-source training environment for web exploitation, pivoting, Active Directory attacks, and Blue Team detection.
pyToshka
Monitoring a Kubernetes cluster involves deploying and utilizing the Wazuh agent within the Kubernetes environment.
NoEnv
Wazuh Agent as Docker Image
VictorVital10
Hands-on cybersecurity lab simulating a Security Operations Center (SOC) on Google Cloud Platform (GCP). Technologies used: GCP (Cloud), Wazuh (SIEM), Shuffle (SOAR), Iris (DFIR) and Docker (Containerization).
TridentStack
Secure Wazuh deployment automation for Docker with enhanced password management, certificate generation, and security hardening. Scripts for full setup and credential management that eliminate default passwords and implement security best practices.
Gurulhu
Wazuh-Docker fork to tinker and learn
devopstales
Wazuh and Trivy integration to scan Docker image vulnerabilities.
zakkg3
Wazuh agent on a container. Wazuh Docker agent.
bikramtheitguy
OpenSOC-AI: An open-source, modular SOC automation suite powered by lightweight LLMs (LLaMA/Falcon), RabbitMQ, and Docker. Efficiently analyze logs from Splunk, Wazuh, AWS, Azure; real-time alerts & historical forensics. Cost-effective and extensible.
ChiefGyk3D
Production-ready Dockerized SIEM/SOC stack with hot/warm tiering — OpenSearch, Logstash, Grafana, Wazuh, Prometheus, InfluxDB, Syslog-ng
Build your own SIEM + Incident Response lab from scratch! 🚀 This project helps set up Wazuh (for log monitoring) and TheHive (for case management) inside Ubuntu using Docker — then connects them so alerts from Wazuh automatically create incidents in TheHive. 💻⚙️
kalingth
An alternative to "wazuh-docker" with CI/CD-built images for amd64 and arm64, published on Docker Hub.
CyberMayler
Separation of wazuh Multi-node in docker mode and creation of new Workers node and indexer on separate servers to balance agents and logs horizontally.
AlphaBravoCompany
This script is for demo purposes only. It deploys a bare minimum, single-node Docker host and Wazuh stack running as a docker-compose stack.
martin-montas
This is a tutorial for setting Wazuh SIEM on Ubuntu machine.
rz4van
Docker-based IT infrastructure with GLPI, NetBox and Wazuh for management, monitoring and security in production environments.
KLYMS
A full-featured lab environment for exploring and integrating open-source SIEM and SOAR tools. This Docker-based setup includes Wazuh, Graylog, Shuffle, TheHive, Cortex, Velociraptor, Grafana and supporting services.
aleksibovellan
Wazuh SIEM alerts into Signal Messenger groups using Signal-CLI
Enitanogun1
A customizable, containerized Wazuh SIEM stack built for homelab environments. This project leverages Docker Compose to deploy Wazuh components (Manager, Indexer, Dashboard) alongside essential tools for threat detection, incident response, and security monitoring in a self-hosted, lightweight setup.
N-LamTruong
EFK Stack, LAMP Stack, Wazuh Docker,...
samma-io
Wazuh agent in docker with the apii
anotherhadi
Wazuh stack packaged with docker compose in NixOS
WMRamadan
Docker Container Setup with Wazuh for Vulnerability Scanning DVWA Container
matteotiberio
Personal project for experimenting with a SIEM
WicaebethTheo
Self-hosted homelab dashboard — React + Express + Docker. Live widgets for Proxmox, Emby, Sonarr, Radarr, AdGuard, Wazuh & more.
iosifache
Docker image and Helm chart for Wazuh Manager and Filebeat, configurable for sending alerts to a specific OpenSearch instance 🐺
Yussc
Complete cyber-defense lab on Docker: setting up a secure tunnel with Iptables filtering, intrusion detection (Snort) and EDR/FIM monitoring with Wazuh.
ISC2 CC Certified Professional | Enterprise-grade Wazuh SIEM & XDR deployment via Docker Compose. Demonstrating hands-on skills in threat detection, FIM, and MITRE ATT&CK mapping. Focused on Cloud-Native SecOps and automated vulnerability management to defend modern infrastructures.
CyberMayler
Integration with wazuh x graylog using docker-compose