Skip to main content
Skip table of contents

XDR group management

In Wazuh agents can be added to groups. The purpose of this is to configure similar machines with a central configuration so that there is no need to configure the agents individually. Agents can also belong to more than one group at a time. Please note that agents should at all times belong to at least the default group if nothing else.

To access group management in Wazuh, please Click on the three bar menu at the top left, Expand “Agents Management” and Click “Groups”

image-20250618-174200.png

You will note that after initial deployment there is only the default group.

Creating a group

To create a group please perform the following steps:

  1. Click Add new group in the top right corner

    image-20250618-174236.png

  2. Type in a group name and Click “Save new group”. NOTE: It is recommended to define a group naming standard based on function and/or host OS type.

    image-20250618-174308.png

Your group is now created.

Adding or remove agents to your group

  1. To manage the group membership, Click the little eye at the end of the same line as the group you wish to manage

  2. On the first tab you will be presented with an agent list, or blank screen if it’s a new group.

  3. To add agents, Click the “Manage agents” button at the top right of the screen

    image-20250618-174349.png

  4. You can now add and remove agents from the by using the operators in the middle column

    image-20250618-174421.png

  5. Once your selection is complete, Click “Apply Changes” in the top right corner

    image-20250618-174449.png

🔖 TIP: If you have specific agents you want to add you can also Hold the [CTRL] key and then Press “Add selected items”

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close