Add comprehensive Wazuh agent configuration for security monitoring:
- wazuh-agent.conf: Full XML configuration including:
* Server connection to tsys-nsm.knel.net via TCP/1514
* AES encryption for agent-server communication
* Rootcheck module for rootkit and anomaly detection
* Syscheck file integrity monitoring for critical paths
(/etc, /usr/bin, /usr/sbin, /bin, /sbin)
* Log collection from syslog, auth.log, kern.log, dmesg
* Active response capability enabled
* Environment/organization labels for asset management
The agent connects to the centralized Wazuh server for log
aggregation, intrusion detection, and compliance monitoring.
Related: KNELServerBuild/ProjectCode/Modules/Security/secharden-wazuh.sh
- Remove all librenms references from initializers and configuration
- Keep tailscale as requested (remove netbird plans)
- Add ansible-core (already present) and salt-minion packages
- Create salt-client initializer for minion configuration
- Update roles to replace librenms-agent with salt-client
- Simplify oam initializer to only handle up2date script
- Update README to reflect new architecture and tools
Prepares infrastructure for migration to Salt configuration management
while maintaining tailscale for VPN connectivity.
💘 Generated with Crush
Assisted-by: GLM-4.6 via Crush <crush@charm.land>
