Groups: {{ group }} 
Configuration SYNCHRONIZED NOT SYNCHRONIZED
Main configuration
Name Description
Global configuration Global and remote settings
Cluster Master node configuration
Registration service Automatic agent registration using service
Main configuration
Name Description
Global configuration Logging settings that apply to the agent
Client configuration Settings related to the connection with the manager
Anti-flooding settings Agent bucket parameters to avoid event flooding
Labels User-defined information about the agent included in alerts
Alerts and output management
Name Description
Alerts Settings related to the alerts and their format
Integrations Slack, VirusTotal and PagerDuty integrations with external APIs
Auditing and policy monitoring
Name Description
Policy monitoring Configuration to ensure compliance with security policies, standards and hardening guides
OpenSCAP Configuration assessment and automation of compliance monitoring using SCAP checks
CIS-CAT Configuration assessment using CIS scanner and SCAP checks
System threats and incident response
Name Description
Vulnerabilities Discover what applications are affected by well-known vulnerabilities
Osquery Expose an operating system as a high-performance relational database
Inventory data Gather relevant information about system OS, hardware and packages
Active response Active threat addressing by inmmediate response
Active response Active threat addressing by inmmediate response
Commands Configuration options of the Command wodle
Docker listener Collects events on Docker containers such as starting, stopping or pausing.
Log data analysis
Name Description
Log collection Log analysis from text files, Windows events or syslog outputs
Integrity monitoring Identify changes in content, permissions, ownership and attributes of files
Agentless Run integrity checks on devices such as routers, firewalls or switches
Cloud security monitoring
Name Description
Amazon S3 Security events related to Amazon AWS services, collected directly via AWS API
More info about this section Wazuh administration documentation Wazuh capabilities documentation Local configuration reference