I was originaly planing to try security onion but while reasurching it I came across Wazuh which runs on docker which I always prefer. Once I installed it using a edited version of the compose file in the github repository.
I managed to install the agent on two of my servers however on my main proxmox host I didn’t understand that the server I was the ip of the main host not the server I was installing it on. This lead to a botched install I haven’t been able to fix yet.
Finally I tried to set up docker monitoring. This only partially worked as docker was already installed so I couldn’t use the installer.
