Overview
Learn to implement automated security information and event management (SIEM) solutions by combining Wazuh and Ansible on Ubuntu systems in this 20-minute conference talk from UbuCon Asia 2025. Explore the fundamentals of Wazuh as an open-source SIEM tool and understand how Ansible enhances security automation capabilities. Discover how Wazuh detects security events and generates various types of alerts specifically within Ubuntu environments. Master the creation of Ansible playbooks for alert remediation and automated security patching triggered by Wazuh alerts. Follow practical implementation examples including deploying Wazuh core components across 9 Ubuntu virtual machines, working with alerts based on Global NST databases integrated into the Wazuh manager, and understanding alert levels and rule IDs. Gain insights into utilizing built-in decoders in Wazuh core for alert processing and configuring Ansible for automated response mechanisms. Examine real-world scenarios of security vulnerabilities and their automated remediation processes. Apply best practices for ensuring reliability and security in automation workflows while optimizing both Wazuh and Ansible for large-scale deployments in enterprise environments.
Syllabus
SIEM Automation Using Wazuh & Ansible for Ubuntu - Dipesh Poudel & Sushant Prasai | UbuCon Asia 2025
Taught by
UbuCon Asia