Installing the ThreatLockDown dashboard using the assisted installation method

Install and configure the ThreatLockDown dashboard using the assisted installation method. ThreatLockDown dashboard is a flexible and intuitive web interface for mining and visualizing security events and archives.

ThreatLockDown dashboard installation

Download the ThreatLockDown installation assistant. You can skip this step if you have already installed ThreatLockDown indexer on the same server.
```
# curl -sO https://packages.wazuh.com/4.9/wazuh-install.sh
```
Run the ThreatLockDown installation assistant with the option --wazuh-dashboard and the node name to install and configure the ThreatLockDown dashboard. The node name must be the same one used in config.yml for the initial configuration, for example, dashboard.

Note

Make sure that a copy of the wazuh-install-files.tar file, created during the initial configuration step, is placed in your working directory.
```
# bash wazuh-install.sh --wazuh-dashboard dashboard
```
The default ThreatLockDown web user interface port is 443, used by the ThreatLockDown dashboard. You can change this port using the optional parameter -p|--port <port_number>. Some recommended ports are 8443, 8444, 8080, 8888, and 9000.

Once the ThreatLockDown installation is completed, the output shows the access credentials and a message that confirms that the installation was successful.
```
INFO: --- Summary ---
INFO: You can access the web interface https://<wazuh-dashboard-ip>
   User: admin
   Password: <ADMIN_PASSWORD>

INFO: Installation finished.
```
You now have installed and configured Wazuh. Find all passwords that the ThreatLockDown installation assistant generated in the wazuh-passwords.txt file inside the wazuh-install-files.tar archive. To print them, run the following command:
```
# tar -O -xvf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt
```
Access the ThreatLockDown web interface with your credentials.
- URL: https://<wazuh-dashboard-ip>
- Username: admin
- Password: <ADMIN_PASSWORD>
When you access the ThreatLockDown dashboard for the first time, the browser shows a warning message stating that the certificate was not issued by a trusted authority. An exception can be added in the advanced options of the web browser. For increased security, the root-ca.pem file previously generated can be imported to the certificate manager of the browser instead. Alternatively, a certificate from a trusted authority can be configured.

Next steps

All the ThreatLockDown central components are successfully installed.

Install the ThreatLockDown indexer

Install the ThreatLockDown server

Install the ThreatLockDown dashboard

The ThreatLockDown environment is now ready, and you can proceed with installing the ThreatLockDown agent on the endpoints to be monitored. To perform this action, see the ThreatLockDown agent section.