Wazuh

Wazuh is an open‑source security information and event management (SIEM) and host‑based intrusion detection system (HIDS) that builds upon the OSSEC project. It provides real‑time monitoring, log analysis, integrity checking, rootkit detection, vulnerability detection, compliance reporting, and active response capabilities. The platform is written primarily in C for the engine and Python for extensions, and it can run on Linux, Windows, macOS, FreeBSD, and other Unix‑like systems.

The core of Wazuh is the agent that runs on each monitored host. Agents collect system logs,

Wazuh supports a variety of use cases. It is widely used for compliance with regulations such as

Because it is distributed under a permissive license, organizations can deploy Wazuh free of charge or opt