On Thu, Aug 7, 2014 at 5:23 PM, Nick Turley <[email protected]> wrote:
> I just tested this in a vagrant environment. On the OSSEC server, I ran:
>
> /var/ossec/bin/ossec-authd -i -p 1515
>
> On my Ubuntu tests box, I ran:
>
> ./agent-auth -m 192.168.20.25 -p 1515
>
> Now, when I run ./agent-control -l or ./manage_agents -l I see:
>
> Available agents:
>    ID: 001, Name: test.ucr.edu, IP: 138.23.1.1
>    ID: 1047, Name: wheeze.ucr.edu, IP: any
>    ID: 1048, Name: centsx64.ucr.edu, IP: any
>    ID: 1049, Name: wheeze, IP: 192.168.20.20
>
> You can see agent ID 1049 now includes the IP. ID 1048 (CentOS box) was
> registered prior to running ossec-authd with the -i argument. Hope this
> helps.
>

So the question is, what about this really needs to be documented?
I'll do the work (since I don't think greg is interested in
contributing), but I don't know what about this needs to be in
writing.

> On Thursday, August 7, 2014 8:40:56 AM UTC-7, gkspranger wrote:
>>
>> i did .. but that really doesn't tell me anything -- it just runs .. and
>> like i said, i am just looking for some documentation about expected
>> behavior and hopefully even an example or two ..
>>
>>
>> thanks,
>> greg
>>
>>
>>
>>
>> On Wednesday, August 6, 2014 7:40:46 AM UTC-4, dan (ddpbsd) wrote:
>>>
>>> On Tue, Aug 5, 2014 at 7:26 PM, gkspranger <[email protected]> wrote:
>>> > hi there !!
>>> >
>>> > i promise i searched the intertubes for examples of this -- but are
>>> > there
>>> > any good examples out there related to ossec-authd's "-i" option ??
>>> >
>>> > http://ossec-docs.readthedocs.org/en/latest/programs/ossec-authd.html
>>> >
>>> > the only real examples i am seeing are related to creating the cert and
>>> > starting the service using the "-p" option -- for example:
>>> >
>>> >
>>> > http://dcid.me/blog/2011/01/automatically-creating-and-setting-up-the-agent-keys/
>>> >
>>> > but i would like to learn more about how to limit which agents can
>>> > connect
>>> > and register .. for example -- can you do entire subnets ?? or are you
>>> > defining only ONE IP address that is allowed to connect and register ??
>>> >
>>> > your help/examples are super appreciated ..
>>> >
>>>
>>>
>>> Have you tried running it with the -i flag? `/var/ossec/bin/ossec-authd
>>> -i`?
>>>
>>> > thanks,
>>> > greg
>>> >
>>> > --
>>> >
>>> > ---
>>> > You received this message because you are subscribed to the Google
>>> > Groups
>>> > "ossec-list" group.
>>> > To unsubscribe from this group and stop receiving emails from it, send
>>> > an
>>> > email to [email protected].
>>> > For more options, visit https://groups.google.com/d/optout.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/d/optout.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to