ports/security/wazuh-manager/files/pkg-message.in

[
{ type: install
  message: <<EOM
Wazuh Manager was installed

1) Copy /etc/locatime to /var/ossec/etc directory

   # cp /etc/localtime /var/ossec/etc

2) You must edit /var/ossec/etc/ossec.conf.sample for your setup and rename/copy
   it to ossec.conf.

   Take a look wazuh manager configuration at the following url:

   https://documentation.wazuh.com/current/user-manual/manager/index.html

3) Move /var/ossec/etc/client.keys.sample to /var/ossec/etc/client.keys. This
   file is used to store all agents credentials connected to wazuh-manager

   # mv /var/ossec/etc/client.keys.sample /var/ossec/etc/client.keys

4) You can find additional useful files installed at

  # /var/ossec/packages_files/manager_installation_scripts

5) Do not forget generate auth certificate

  # openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 \
	-subj "/C=US/ST=California/CN=Wazuh/" \
	-keyout /var/ossec/etc/sslmanager.key -out /var/ossec/etc/sslmanager.cert
  # chmod 640 /var/ossec/etc/sslmanager.key
  # chmod 640 /var/ossec/etc/sslmanager.cert

6) FreeBSD rules, decoders and SCA files are installed by default. For more
   information about updates take a look at:

   https://github.com/alonsobsd/wazuh-freebsd
 
   Decoders and rules are used for extract some /var/log/userlog and 
   /var/log/messages entries from FreeBSD agents. It is necessary add a localfile
   entry to /var/ossec/etc/ossec.conf

  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/userlog</location>
  </localfile>
  
7) Add Wazuh manager to /etc/rc.conf

  # sysrc wazuh_manager_enable="YES"

  or
  
  # service wazuh-manager enable

8) Start Wazuh manager

  # service wazuh-manager start

9) Enjoy it ;)
EOM
}
]