Adding the Wazuh Vulnerability Index in Kibana

Use the steps below to create a new data view for the Wazuh vulnerability index within Kibana.

Steps to Create the Data View

  1. Navigate to Stack Management

    • Click on the hamburger menu icon (three horizontal lines) in the top left corner.

    • Click on Stack Management.

  2. Access Data Views

    • Under the Kibana section, click Data Views.

  3. Create New Data View

    • Click on the Create new data view button.

    • Configure the following settings:

      • Name: wazuh-states-vulnerabilities-wazuh-manager

      • Index pattern: wazuh-states-vulnerabilities-wazuh-manager

      • Timestamp field: vulnerability.detected_at

    • Click on the Save data view to Kibana button.

Viewing Vulnerability Results

Important: After installing your first agent, please allow one to two hours for:

  • Wazuh to download the vulnerability database

  • Complete the initial vulnerability scan

Once configured, you can view results in the Wazuh vulnerability dashboard.

Last modified July 3, 2025: Update troubleshooting.md (cddb826)