Add comprehensive Wazuh agent configuration for security monitoring:
- wazuh-agent.conf: Full XML configuration including:
* Server connection to tsys-nsm.knel.net via TCP/1514
* AES encryption for agent-server communication
* Rootcheck module for rootkit and anomaly detection
* Syscheck file integrity monitoring for critical paths
(/etc, /usr/bin, /usr/sbin, /bin, /sbin)
* Log collection from syslog, auth.log, kern.log, dmesg
* Active response capability enabled
* Environment/organization labels for asset management
The agent connects to the centralized Wazuh server for log
aggregation, intrusion detection, and compliance monitoring.
Related: KNELServerBuild/ProjectCode/Modules/Security/secharden-wazuh.sh
65d719112c