So removing and reinstalling ossec altogether on my second ossec server that will communicate with my cloud servers should work?
On Jan 9, 5:16 pm, "dan (ddp)" <[email protected]> wrote: > On Mon, Jan 9, 2012 at 7:16 PM, rmarquez <[email protected]> wrote: > > A little background because I am an ossec noob, > > > I'm trying to set up some ossec servers and agents at my job. I have > > a main linux ossec server in my main work network with local boxes > > (linux and windows) as clients and that's working fine. > > > I have some servers set up in the cloud where a couple of linux web > > servers are agents to a server. Due to network security restrictions, > > I can't just have the cloud servers go directly to my main ossec > > server. Here's what I've tried so far: > > > I have a second linux server in my network that is running as a ossec > > server only for the servers I have up in the cloud. I only have the > > syslog forwarding set up to my main ossec server, but is it possible > > for the cloud ossec server to have the agent running at the same time? > > The daemons that run on the agents should also be running on the > manager. If they aren't, something went wrong with your installation.
