On Tue, Nov 30, 2010 at 12:47 PM, OSSEC <[email protected]> wrote: > Thanks. I didnt give me any output, meaning that it run. > > Now, do i have to configure only the ossec server or the agents as > well? > > thanks in advance.
Just the server. Agents forward to the manager which forwards onto splunk. > > On Nov 30, 12:34 pm, "dan (ddp)" <[email protected]> wrote: >> On Tue, Nov 30, 2010 at 11:46 AM, OSSEC <[email protected]> wrote: >> > Greetings, >> >> > I'm trying to use splunk along with OSSEC but i'm not able to run the >> > above command because is not an option. >> >> > I've already created the syslog_output and now i have to enable tha >> > syslog by doing the following >> >> > /var/ossec/bin/ossec-control enable client-syslog >> >> > But i dont have that option >> >> > Please advice >> >> > thanks >> >> Is this on the manager? >> What output do you get when you run it? >> Does /var/ossec/bin/ossec-csyslogd exist? >> What do you get when you run "/var/ossec/bin/ossec-control enable"? >> Which version of OSSEC?
