diff --git a/ansible/eth1.yml b/ansible/eth1.yml
index 961844e..cdc44ba 100644
--- a/ansible/eth1.yml
+++ b/ansible/eth1.yml
@@ -17,3 +17,4 @@
 - { role: infra-role-open-ports, tags: open-ports }
 - { role: infra-role-nimbus-eth1, tags: nimbus-eth1 }
 - { role: infra-role-rocketpool, tags: rocketpool }
+ - { role: infra-role-wazuh-agent, tags: wazuh-agent }
diff --git a/ansible/fluffy.yml b/ansible/fluffy.yml
index e64db05..c3173b5 100644
--- a/ansible/fluffy.yml
+++ b/ansible/fluffy.yml
@@ -18,6 +18,7 @@
 - { role: update-netplan, tags: update-netplan }
 - { role: infra-role-open-ports, tags: open-ports }
 - { role: infra-role-smart-metrics, tags: smart-metrics }
+ - { role: infra-role-wazuh-agent, tags: wazuh-agent }
 tasks:
 - include_role:
 name: infra-role-nimbus-fluffy
diff --git a/ansible/geth.yml b/ansible/geth.yml
index ac961f9..222c7a5 100644
--- a/ansible/geth.yml
+++ b/ansible/geth.yml
@@ -14,10 +14,11 @@
 hosts:
 - nimbus-geth-mainnet
 roles:
- - { role: infra-role-open-ports, tags: open-ports }
+ - { role: infra-role-open-ports, tags: open-ports }
 - { role: infra-role-smart-metrics, tags: smart-metrics }
- - { role: infra-role-geth, tags: geth }
+ - { role: infra-role-geth, tags: geth }
 - { role: infra-role-geth-exporter, tags: geth-exporter }
+ - { role: infra-role-wazuh-agent, tags: wazuh-agent }
 - name: Deploy Geth nodes for Windows
 become: true
@@ -26,8 +27,9 @@
 hosts:
 - nimbus-geth-holesky
 roles:
- - { role: infra-role-open-ports, tags: open-ports }
+ - { role: infra-role-open-ports, tags: open-ports }
 - { role: infra-role-smart-metrics, tags: smart-metrics }
+ - { role: infra-role-wazuh-agent, tags: wazuh-agent }
 tasks:
 - include_role:
 name: infra-role-geth
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 87e3121..45f0673 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
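Review bot: The new `infra-role-wazuh-agent` entry in the second ansible/geth.yml hunk has no `when:` guard, although that play appears to be the one named `Deploy Geth nodes for Windows` in the trailing context of the previous hunk. Whether the role handles non-Linux hosts is not visible in this diff; the same question applies to the ansible/holesky.yml hunk, where the first role in the same list is guarded by `when: ansible_system == 'Linux'`. If the role is Linux-only, the line should read `- { role: infra-role-wazuh-agent, tags: wazuh-agent, when: ansible_system == 'Linux' }`; if it does support those hosts, a short comment saying so would help, because an agent that fails or is skipped on part of the fleet leaves those hosts unmonitored. Both plays start and end outside their hunks.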
@@ -85,3 +85,7 @@ validator_client_consul_failures_before_critical: '{{ beacon_node_consul_failure
 bootstrap__vault_ca_cert: '{{ lookup("passwordstore", "services/vault/certs/root-ca/cert returnall=true")}}'
 bootstrap__vault_client_cert: '{{ lookup("passwordstore", "services/vault/certs/client-host/cert returnall=true")}}'
 bootstrap__vault_client_key: '{{ lookup("passwordstore", "services/vault/certs/client-host/privkey returnall=true")}}'
+
+# Wazuh Agent
+wazuh_agent_enrollment_key: '{{ lookup("vault", "wazuh-agent", field="enrollment-key", env="all", stage="all")}}'
+wazuh_root_ca: '{{ lookup("vault", "certs/wazuh-ca", field="certificate", env="all", stage="all")}}'
diff --git a/ansible/holesky.yml b/ansible/holesky.yml
index 589a90a..d65ec5e 100644
--- a/ansible/holesky.yml
+++ b/ansible/holesky.yml
@@ -18,12 +18,13 @@
 - nimbus-holesky-neth
 vars_files: layout/holesky.yml
 roles:
- - { role: update-netplan, tags: update-netplan, when: ansible_system == 'Linux' }
- - { role: infra-role-swap-file, tags: swap-file }
- - { role: infra-role-open-ports, tags: open-ports }
- - { role: redirect-ports, tags: redirect-ports }
- - { role: nimbus-era-files, tags: nimbus-era-files }
- - { role: infra-role-mev-boost, tags: mev-boost, when: mev_boost_enabled == true }
+ - { role: update-netplan, tags: update-netplan, when: ansible_system == 'Linux' }
+ - { role: infra-role-swap-file, tags: swap-file }
+ - { role: infra-role-open-ports, tags: open-ports }
+ - { role: redirect-ports, tags: redirect-ports }
+ - { role: nimbus-era-files, tags: nimbus-era-files }
+ - { role: infra-role-mev-boost, tags: mev-boost, when: mev_boost_enabled == true }
+ - { role: infra-role-wazuh-agent, tags: wazuh-agent }
 tasks:
 - include_role:
 name: infra-role-beacon-node-linux
diff --git a/ansible/mainnet.yml b/ansible/mainnet.yml
index 34a2538..aa80daf 100644
--- a/ansible/mainnet.yml
+++ b/ansible/mainnet.yml
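Review bot: `wazuh_agent_enrollment_key` in the ansible/group_vars/all.yml hunk is a secret, but the only comment on the new block is `# Wazuh Agent`. It is looked up with `env="all", stage="all"` and defined for every group, so it appears to be one enrollment key shared by the whole fleet; a comment such as `# Wazuh Agent: the enrollment key is a shared secret; tasks using it need no_log, rotate it in Vault after a host compromise` would tell the next maintainer how to treat it. The role that consumes the variable is not part of this diff, so whether its tasks already set `no_log: true` should be confirmed there. `wazuh_root_ca` is fetched from a `certificate` field and looks like public material that needs no such handling.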
@@ -22,6 +22,7 @@
 - { role: infra-role-open-ports, tags: [ open-ports ] }
 - { role: redirect-ports, tags: [ redirect-ports ] }
 - { role: get-geth-api-urls, tags: [ get-geth-api-urls, beacon-node ] }
+ - { role: infra-role-wazuh-agent, tags: wazuh-agent }
 tasks:
 - include_role:
 name: infra-role-beacon-node-linux
@@ -51,6 +52,7 @@
 - { role: redirect-ports, tags: [ redirect-ports ] }
 - { role: get-geth-api-urls, tags: [ get-geth-api-urls, beacon-node ] }
 - { role: nimbus-era-files, tags: [ nimbus-era-files ] }
+ - { role: infra-role-wazuh-agent, tags: wazuh-agent }
 tasks:
 - include_role:
 name: infra-role-beacon-node-linux
diff --git a/ansible/requirements.yml b/ansible/requirements.yml
index 733add2..f508c79 100644
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@@ -119,3 +119,7 @@
 - name: infra-role-nimbus-bench-eth1
 src: git@github.com:status-im/infra-role-nimbus-bench-eth1.git
 version: ed5059de24c54ab928f390640f9a9a7649753e12
+
+- name: infra-role-wazuh-agent
+ src: git@github.com:status-im/infra-role-wazuh-agent.git
+ version: 413e806e8238a4d6f361fab8897bddc1411b0b9b
diff --git a/ansible/sepolia.yml b/ansible/sepolia.yml
index 7f90838..6db1e5d 100644
--- a/ansible/sepolia.yml
+++ b/ansible/sepolia.yml
@@ -21,6 +21,7 @@
 - { role: infra-role-smart-metrics, tags: [ smart-metrics ] }
 - { role: redirect-ports, tags: [ redirect-ports ] }
 - { role: nimbus-era-files, tags: [ nimbus-era-files ] }
+ - { role: infra-role-wazuh-agent, tags: wazuh-agent }
 tasks:
 - include_role:
 name: infra-role-geth
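Review bot: The added entry in the first ansible/mainnet.yml hunk writes `tags: wazuh-agent` as a bare scalar, while every neighbouring entry in that list uses the flow-list form (`tags: [ open-ports ]`); the second mainnet.yml hunk and the ansible/sepolia.yml hunk have the same mismatch. Ansible accepts both forms, so this is style only, but matching the file keeps the list uniform: `- { role: infra-role-wazuh-agent, tags: [ wazuh-agent ] }`. The role lists start outside the hunks.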