On Thu, Aug 7, 2014 at 5:23 PM, Nick Turley <[email protected]> wrote: > I just tested this in a vagrant environment. On the OSSEC server, I ran: > > /var/ossec/bin/ossec-authd -i -p 1515 > > On my Ubuntu tests box, I ran: > > ./agent-auth -m 192.168.20.25 -p 1515 > > Now, when I run ./agent-control -l or ./manage_agents -l I see: > > Available agents: > ID: 001, Name: test.ucr.edu, IP: 138.23.1.1 > ID: 1047, Name: wheeze.ucr.edu, IP: any > ID: 1048, Name: centsx64.ucr.edu, IP: any > ID: 1049, Name: wheeze, IP: 192.168.20.20 > > You can see agent ID 1049 now includes the IP. ID 1048 (CentOS box) was > registered prior to running ossec-authd with the -i argument. Hope this > helps. >
So the question is, what about this really needs to be documented? I'll do the work (since I don't think greg is interested in contributing), but I don't know what about this needs to be in writing. > On Thursday, August 7, 2014 8:40:56 AM UTC-7, gkspranger wrote: >> >> i did .. but that really doesn't tell me anything -- it just runs .. and >> like i said, i am just looking for some documentation about expected >> behavior and hopefully even an example or two .. >> >> >> thanks, >> greg >> >> >> >> >> On Wednesday, August 6, 2014 7:40:46 AM UTC-4, dan (ddpbsd) wrote: >>> >>> On Tue, Aug 5, 2014 at 7:26 PM, gkspranger <[email protected]> wrote: >>> > hi there !! >>> > >>> > i promise i searched the intertubes for examples of this -- but are >>> > there >>> > any good examples out there related to ossec-authd's "-i" option ?? >>> > >>> > http://ossec-docs.readthedocs.org/en/latest/programs/ossec-authd.html >>> > >>> > the only real examples i am seeing are related to creating the cert and >>> > starting the service using the "-p" option -- for example: >>> > >>> > >>> > http://dcid.me/blog/2011/01/automatically-creating-and-setting-up-the-agent-keys/ >>> > >>> > but i would like to learn more about how to limit which agents can >>> > connect >>> > and register .. for example -- can you do entire subnets ?? or are you >>> > defining only ONE IP address that is allowed to connect and register ?? >>> > >>> > your help/examples are super appreciated .. >>> > >>> >>> >>> Have you tried running it with the -i flag? `/var/ossec/bin/ossec-authd >>> -i`? >>> >>> > thanks, >>> > greg >>> > >>> > -- >>> > >>> > --- >>> > You received this message because you are subscribed to the Google >>> > Groups >>> > "ossec-list" group. >>> > To unsubscribe from this group and stop receiving emails from it, send >>> > an >>> > email to [email protected]. >>> > For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
