[ossec-list] Can someone please help me figuring out what is wrong with this agent configuration file

[Shaikat Majumdar]

I have created a agent.conf file for centralized agent configuration 
(/var/ossec/etc/shared/agent.conf). The file is attached.

I am trying to test OSSEC rules/config before deploying these changes.
So I followed the instructions posted on the link 
http://www.ossec.net/main/manual/creating-a-separated-directory-for-testing-ossec-rulesconfig/ 
and then tried to run the following command.

I created the directory ossectest under "~/sandbox" instead of using the 
"/tmp" directory.

/var/ossec/bin/ossec-logtest -D ~/sandbox/ossectest/ -c 
~/sandbox/ossectest/etc/shared/agent.conf

2010/12/01 12:07:50 ossec-config(1230): ERROR: Invalid element in the 
configuration: 'agent_config'.
2010/12/01 12:07:50 ossec-testrule(1202): ERROR: Configuration error at 
'/home/smajumdar/sandbox/ossectest/etc/shared/agent.conf'. Exiting.

Can someone explain what this error message means and how it can be 
rectified ??


I am using OSSEC HIDS v2.5.1

/var/ossec/bin/ossec-logtest -V

OSSEC HIDS v2.5.1 - Trend Micro Inc.

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License (version 2) as
published by the Free Software Foundation. For more details, go to
http://www.ossec.net/main/license/


Thanks,
Shaikat Majumdar
Millburn Ridgefield Corporation


  
  
    multi-line
    /home/appuser/logs/hftscheduler/test/scheduler.log
  
  
    multi-line
    /home/appuser/logs/hftpublisher/test/publisher.log
  




  
  
    multi-line
    /u/tmcweb/rtest/dev/log4j.log
  
  
    multi-line
    /home/appuser/logs/hftmodelexecutor/test/executor*.log
  




  
  
    multi-line
    /home/appuser/logs/hftmodelexecutor/test/executor*.log
  




  
  
    syslog
    /u/tmc/logs/signalReportListener.log
  




  
  
    multi-line
    /u/tmcweb/rtest/stage/log4j.log
  




  
  
    multi-line
    /home/appuser/logs/hftscheduler/stage/scheduler.log
  
  
    multi-line
    /home/appuser/logs/hftpublisher/stage/publisher.log
  
  
    multi-line
    /home/appuser/logs/hftmodelexecutor/stage/executor*.log
  




  
  
    multi-line
    /home/appuser/logs/hftmodelexecutor/stage/executor*.log
  




  
  
    multi-line
    /u/tmcweb/rtest/prod/log4j.log
  
  
    syslog
    /u/tmc/logs/signalReportListener.log
  
  
    syslog
    /home/appuser/prod/flextrade/nagios/flextrade_nagios_%Y-%m-%d.log
  




  
  
    multi-line
    /home/appuser/logs/hftscheduler/prod/scheduler.log
  
  
    multi-line
    /home/appuser/logs/hftpublisher/prod/publisher.log
  
  
    multi-line
    /home/appuser/logs/hftmodelexecutor/prod/executor*.log
  




  
    multi-line
    /home/appuser/logs/hftmodelexecutor/prod/executor*.log
  




  
  
    multi-line
    /home/appuser/logs/hftpublisher/prod/publisher.log
  
  
    multi-line
    /home/appuser/logs/hftmodelexecutor/prod/executor*.log
  




  
  
    syslog
    /home/appuser/flexapp/flextrade/java/logs/oexlistener.log.%Y-%m-%d
  
  
    syslog
    /home/appuser/flexapp/flextrade/java/logs/ticketlistener.log.%Y-%m-%d
  
  
    syslog
    /home/appuser/flexapp2/flextrade/java/logs/oexlistener.log.%Y-%m-%d
  
  
    syslog
    /home/appuser/flexapp2/flextrade/java/logs/ticketlistener.log.%Y-%m-%d
  




  
  
    syslog
    /home/appuser/prod/flextrade/java/logs/oexlistener.log.%Y-%m-%d
  
  
    syslog
    /home/appuser/prod/flextrade/java/logs/ticketlistener.log.%Y-%m-%d