I can't seem to make the agentless monitoring to work. I added two remote
boxes with /var/ossec/agentless/register_host.sh and configured paswordless
connection generating ssh keys for user ossec. However after restarting
ossec the connection to remote server fails every time. Ossec.log shows:
Hello,
It is working now, i've re install my set-up. And after having modify the
files, i did : */var/ossec/bin/ossec-control restart* on the server and all
the agents. Before, I was doing this on the server only and
*/var/ossec/bin/agent_control
-R* for the agents (but maybe my files were
Decoding the host name in named log as "url" causes it to not get passed to
the active response script. I just a dash "-" as a place holder.
Decoding as user isn't perfect either as the built-in validation will
sometimes reject the value and not call the script, For example the
following error
