0

Today I use OSSEC as HIDS, but reading Wazuh's site it seems to be more modern and has more resources.

I saw that it has an Elastic Stack integration, something I'm not interested in because it uses Java and a lot of server resources.

Does Wazuh have a way for me to export its detections to some environment like Zabbix or another tool, or even visualize them in a private cloud?

Or if I keep using OSSEC, does it have any feature to monitor the logs without me having to email these detections?

Tom

1 Answer

0

Starting with Wazuh 4.3.x, Wazuh includes the Wazuh indexer and the Wazuh dashboard, based on OpenSearch, among many other improvements. Check this blog to learn more: Introducing Wazuh 4.3.0

You could easily install Wazuh in just a few minutes using the Wazuh installation assistant, or give it a try by downloading the ready-to-use virtual machine (OVA) or the pre-built Amazon Machine Image (AMI).

Regarding resource consumption, the recommended hardware resources to monitor up to 25 agents are 4 vCPU, 8 GiB of RAM and 50 GB of storage to keep the alerts for 90 days. Check the Wazuh quickstart hardware requirements to learn more.

As an alternative, you could install only the Wazuh manager without the indexer and dashboard components and forward the logs in the /var/ossec/logs/alerts/alerts.json file to an external tool.

Sandra
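As an added illustration of the manager-only option in the answer above (not code from the answer or from the Wazuh project), this sketch reads lines in the alerts.json format, keeps alerts at or above a chosen rule level, and emits them in the `<hostname> <key> <value>` input format that zabbix_sender accepts. The item key `wazuh.alert`, the level threshold, and the assumption that each Wazuh agent name matches a Zabbix host name are hypothetical; the sample lines are constructed.

```python
import json

# Constructed sample lines in the shape of alerts.json (one JSON object per line).
SAMPLE_LINES = [
    '{"timestamp":"2022-05-10T10:00:01.000+0000","rule":{"level":3,"description":"PAM: Login session opened.","id":"5501"},"agent":{"id":"001","name":"web01"}}',
    '{"timestamp":"2022-05-10T10:00:07.000+0000","rule":{"level":10,"description":"sshd: brute force trying to get access to the system.","id":"5712"},"agent":{"id":"001","name":"web01"}}',
    '{"timestamp":"2022-05-10T10:00:09.000+0000","rule":{"level":7,"description":"Integrity checksum changed for \\"/etc/passwd\\"","id":"550"},"agent":{"id":"002","name":"db 01"}}',
    '{"timestamp":"2022-05-10T10:00:11.000+0000","rule":{"level":12,',  # partially written line
]

def parse_alerts(lines, min_level=7):
    """Return alerts at or above min_level; skip blank or incomplete lines."""
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            alert = json.loads(line)
        except json.JSONDecodeError:
            continue  # the manager may still be writing this line
        if not isinstance(alert, dict) or not isinstance(alert.get("rule"), dict):
            continue
        if int(alert["rule"].get("level", 0)) >= min_level:
            alerts.append(alert)
    return alerts

def quote(field):
    """Quote a field for zabbix_sender input: escape backslash and double quote."""
    return '"' + field.replace("\\", "\\\\").replace('"', '\\"') + '"'

def to_sender_line(alert, key="wazuh.alert"):
    """Format one alert as '<hostname> <key> <value>' (key is a hypothetical trapper item)."""
    rule = alert["rule"]
    host = alert.get("agent", {}).get("name", "unknown")
    value = f'level={rule["level"]} rule={rule.get("id", "?")} {rule.get("description", "")}'
    return f"{quote(host)} {key} {quote(value)}"

def export(lines, min_level=7):
    """Filter the alert lines and return zabbix_sender input lines."""
    return [to_sender_line(a) for a in parse_alerts(lines, min_level)]

if __name__ == "__main__":
    print("\n".join(export(SAMPLE_LINES)))
```

In a real deployment the lines would come from /var/ossec/logs/alerts/alerts.json instead of `SAMPLE_LINES`, and the output could be piped to `zabbix_sender -i -` with the server address supplied for that environment.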