Last Edited 12/14/2023
This is a placeholder. If you haven't already reviewed Wazuh, you should consider doing so. Although this page is a placeholder, you should by now be able to find plenty of articles detailing how to bundle Wazuh into a SIEM stack. The traditional articles should discuss all the components and the expected flow, from logging and normalization through alerting and ticket management. While you are experimenting, remember to consider testing Wazuh using convenient Docker containers.
References:
https://documentation.wazuh.com/current/installation-guide/wazuh-agent/index.html
https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html
https://documentation.wazuh.com/current/deployment-options/virtual-machine/virtual-machine.html