I'd like to see an upgrade that allows the agent's to re-read the config files automatically... at least the shared/agent.conf, so no restarts are required.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of spacekiwi Sent: Wednesday, October 20, 2010 11:45 PM To: ossec-list Subject: [ossec-list] Re: Day 4: What bugs you: problems, challenges and room for improvement. The second of my two cents, concerns the ability to restart all agents from the central server. A Basic functionality, but I understand the risk, that goes with it. It is a simple request, but not from an architectural or security view. However, since we do propose a centralised config-managment, and changes in the config do require a restart of the agent, why do we have to visit all the clients separately? I also fell on this problem because I was trying to find a way to reconnect all the client to their original, default OSSECServer, after a failover scenario. Something like: when the failed server resurrects, it can give a signal to last connected agents to restart... I really like OSSEC, and I am trying really hard to defend it...
