Adding the Wazuh Vulnerability Index in Kibana

Steps to Create the Data View

  1. Navigate to Stack Management

    • Click the hamburger menu (☰) in the top left corner
    • Select “Stack Management”

  2. Access Data Views

    • Under the Kibana section, click “Data Views”

  3. Create New Data View

    • Click the “Create new data view” button
    • Configure the following settings:
      • Name: wazuh-states-vulnerabilities-wazuh-manager
      • Index pattern: wazuh-states-vulnerabilities-wazuh-manager
      • Timestamp field: vulnerability.detected_at
    • Click “Save data view to Kibana”

Viewing Vulnerability Results

  • Once configured, you can view results in the Wazuh vulnerability dashboard
  • Important Note: After installing your first agent, please allow one to two hours for:
    • Wazuh to download the vulnerability database
    • Complete the initial vulnerability scan
Last modified June 13, 2025: Update docker-compose.yml (c6d44e1)