Guilgo Blog

Notes from my daily work with technology.

Wazuh without Elasticsearch: lightweight dashboard in Grafana with the REST API

Agents, security alerts (SCA, MITRE), AdGuard and parental control in one dashboard. No Indexer or official Dashboard.

Use Grafana as a frontend for Wazuh Lite: agents, security alerts (SCA, MITRE), AdGuard and parental control. NodePort, JSON plugin, JWT, alerts proxy and panels in one dashboard. No Indexer or Elastic/OpenSearch.

Auditing Kubernetes with Wazuh: API server audit logs to the SIEM step by step

Webhook, audit policy and rules to send Kubernetes audit logs to Wazuh and alert on resource create/delete

Step-by-step guide to audit Kubernetes with Wazuh: API server audit logs to the SIEM, webhook listener, audit policy and rules in local_rules.xml. Kubernetes security monitoring.