Package: ossec-hids-agent
Version: 3.1.0.5696stretch
Severity: important
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
Just normal apt upgrade
* What exactly did you do (or not do) that was effective (or
ineffective)?
see above
* What was the outcome of this action?
install failed.
* What outcome did you expect instead?
install suceeds
*** End of the template - remove these template lines ***
-- System Information:
Debian Release: 9.5
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages ossec-hids-agent depends on:
ii debconf 1.5.61
ii expect 5.45-7+deb9u1
ii libc6 2.24-11+deb9u3
ii libssl1.1 1.1.0f-3+deb9u2
ossec-hids-agent recommends no packages.
ossec-hids-agent suggests no packages.
-- Configuration Files:
/var/ossec/etc/ossec.conf changed:
<!-- OSSEC example config -->
<ossec_config>
<client>
<server-ip>some.public.ip.address</server-ip>
</client>
<syscheck>
<!-- Frequency that syscheck is executed -- default every 2 hours -->
<frequency>7200</frequency>
<!-- Directories to check (perform all possible verifications) -->
<directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
<directories check_all="yes">/bin,/sbin,/boot</directories>
<!-- Files/directories to ignore -->
<ignore>/etc/mtab</ignore>
<ignore>/etc/hosts.deny</ignore>
<ignore>/etc/mail/statistics</ignore>
<ignore>/etc/random-seed</ignore>
<ignore>/etc/adjtime</ignore>
<ignore>/etc/httpd/logs</ignore>
<!-- Check the file, but never compute the diff -->
<nodiff>/etc/ssl/private.key</nodiff>
</syscheck>
<rootcheck>
<rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
<rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
</rootcheck>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/messages</location>
</localfile>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/authlog</location>
</localfile>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/secure</location>
</localfile>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/xferlog</location>
</localfile>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/maillog</location>
</localfile>
<localfile>
<log_format>apache</log_format>
<location>/var/www/logs/access_log</location>
</localfile>
<localfile>
<log_format>apache</log_format>
<location>/var/www/logs/error_log</location>
</localfile>
</ossec_config>
-- debconf information:
* ossec-hids-agent/server-ip: some.public.ip.address