For the past two weeks, I've been trying to install Wazuh on my Ubuntu 22.04 which is being hosted on DigitalOcean (that only has terminal as a method to connect to the machine) and the amount of problems that I encountered is very nerve-wrecking. And only after several times, I've found a solid procedure to install Wazuh on my Ubuntu 22.04 Cloud instance. While this post isn't meant to be a full-blown guide, I hope this post might help you in some way or another.

Installing Xubuntu Desktop and XRDP

Since I want to use GUI so I can see the Wazuh dashboard visually, we need to install Xubuntu and XRDP. So, what are they exactly? Xubuntu is a desktop environment that uses lightweight XFCE instead of the usual GNOME. I've tried to use the normal Ubuntu Desktop with GNOME but it's very-very slow and changing the configuration file won't help either. While XRDP is basically RDP but for Linux, so you can connect to your remote Linux machine via RDP in your local Windows machine (which I currently use).

Why need them, you might ask? If you want to connect to your Wazuh dashboard in your remote Linux machine, you need both of them to use it. You can theoretically connect to the Wazuh dashboard directly from your local machine and skip this whole process together, but I haven't tested that method yet.

First thing you need to do is to check for updates & upgrades and install them. You can do that by typing the command below. I'll be using root for the whole process.

apt upgrade -y && apt update -y

You'll then be asked to keep some settings or restart some processes, you just need to click enter (Unless you're not using the default settings). Then, you can install everything (copy and paste everything, not line by line).

apt install xubuntu-desktop
apt install xrdp
adduser xrdp ssl-cert
echo "startxfce4" > ~/.xsession
chmod +x ~/.xsession
systemctl restart xrdp.service

The installation will take a while. You'll then be asked multiple times to restart any processes, you just need to click enter (Unless you're not using the default settings). You then can try connecting to the remote machine via RDP from your local machine.

Installing Firefox

Since Xubuntu Desktop doesn't have any pre-installed browser. We need to install it ourselves. We'll be using Firefox for our browser. This is where another problem came, I can't type anything to the browser! Turns out, some people are having the same problem. You'll need to install Firefox as a .deb package not as a snap package. The procedure is as below.

1. Adding the Firefox repository

add-apt-repository ppa:mozillateam/ppa

2. Changing the installation process to prioritize installation of Firefox from apt (copy and paste everything, not line by line).

echo '
Package: *
Pin: release o=LP-PPA-mozillateam
Pin-Priority: 1001
' | sudo tee /etc/apt/preferences.d/mozilla-firefox

3. (Optional) Set auto updates.

echo 'Unattended-Upgrade::Allowed-Origins:: "LP-PPA-mozillateam:${distro_codename}";' | sudo tee /etc/apt/apt.conf.d/51unattended-upgrades-firefox

4. You then can install Firefox.

apt install firefox

You should connect to the machine via RDP to confirm if the Firefox is installed successfully and running normally.

Installing Wazuh

We then can install Wazuh using this command, as root.

curl -sO https://packages.wazuh.com/4.4/wazuh-install.sh && sudo bash ./wazuh-install.sh -a

The installation will take a while. You'll be shown something like this in your terminal if the installation is a success:

INFO: --- Summary ---
INFO: You can access the web interface https://<wazuh-dashboard-ip>
    User: admin
    Password: <ADMIN_PASSWORD>
INFO: Installation finished.

You then can try connecting to the Wazuh dashboard using your remote machine IP in the Firefox browser of your remote machine. You'll then be shown a warning message that the website isn't safe, you can just ignore it. Click on "Advanced." and "Accept The Risk and Continue" to enter Wazuh dashboard. You'll then need to login using the provided credentials when you finish installed Wazuh. And voila! You've successfully installed Wazuh on your Ubuntu 22.04.

Sources

Big thanks to the dudes below who helped me install everything with their tutorial. You should check them out if you need more information on certain things that I skipped.

• https://blog.alphavps.com/how-to-install-a-gui-on-a-linux-vps/

• https://www.omgubuntu.co.uk/2022/04/how-to-install-firefox-deb-apt-ubuntu-22-04

• https://documentation.wazuh.com/current/quickstart.html