Host IP: 192.168.5.114
Subnet: 192.168.5.0/24 (Main LAN)
Wazuh agent: pve2 (ID 010) — Active
Containers (LXC)
| CTID | Name | IP | OS | Wazuh | Purpose |
|---|---|---|---|---|---|
| CT100 | energonhub | 192.168.5.9 | Debian | ✅ energonhub (022) | Grafana, Prometheus, monitoring hub |
| CT102 | ispconfig-backup | 192.168.5.209 | Debian | ✅ ispconfig-backup (011) | ISPConfig web panel / backup |
| CT103 | CF-HQ | 192.168.127.55 | Debian | ✅ CF-HQ (008) | Cloudflare Zero Trust connector |
| CT104 | pulse | 192.168.5.145 | Debian | ✅ pulse (012) | Network pulse / uptime monitor |
| CT105 | soc.planettoysutah.com | 192.168.5.211 | Debian | ✅ soc (000 — manager) | Wazuh SIEM, security operations |
| CT106 | pmg-backup-mx | 192.168.5.154 | Debian | ✅ mx2.mail-gateway (013) | Proxmox Mail Gateway / MX backup |
Virtual Machines (KVM)
| VMID | Name | IP | OS | Wazuh | Purpose |
|---|---|---|---|---|---|
| VM101 | zabbix.planettoysutah.com | 192.168.5.x | AlmaLinux 8.10 | ✅ zabbix-appliance (014) | Zabbix monitoring appliance |
Notable Services on PVE2
Energonhub (CT100 — 192.168.5.9)
- Grafana at http://192.168.5.9:3000
  Dashboard: optination-unified-noc (Unified NOC)
- Prometheus, Loki, and related exporters
- Authentication: admin / Admin2026!
SOC (CT105 — 192.168.5.211)
- Wazuh Manager (remoted port 1514, authd port 1515)
- Wazuh Indexer (OpenSearch) at port 9200 — cluster status green, 588 shards
- Wazuh Dashboard at port 443
- Syslog receiver on port 514 UDP — accepts 192.168.5.0/24, 192.168.1.0/24, 192.168.100.0/24, 192.168.11.0/24
- ossec.conf backup: /var/ossec/etc/ossec.conf.bak.20260524_185018
CF-HQ (CT103 — 192.168.127.55)
- Cloudflare Zero Trust connector
- On VLAN 127 (192.168.127.0/24)
Access
# From anywhere on the network
# Execute in a specific CT
pct push 105 /local/file /container/path