On Nov 21, 2014 10:46 AM, "Colin Bruce" <[email protected]> wrote: > > Hi, > > > > I have been trying to get this to work for a couple of months now and have got absolutely nowhere. I see lots of people with questions which suggests that they have it running. I just don't understand what I am doing wrong, > > > > I've started again untarred the file ossec-hids-2.8.1.tar.gz, run install.sh using all the defaults and whe I run it I do get a notification by e-mail that it has started. However, the log file includes: > > > > > > Why is the socket not available? Surely if it is required it should either be in the install.sh or documented somewhere. > > > > I've installed two agents - one on a windows server and one on a Linux server. Neither of them connect to the ossec server. On both I get this: > > > > > > The log on the ossec server shows absolutely no attempt to connect from anywhere. It just ignores everything. All the servers are on the same network 192.168.30.0/24 and I've given them keys. There is no firewall of any kind between the servers and all other communications works fine. > > > > This is an absolutely out of the box install with no configuration other than what install.sh does and it doesn't work. > > > > Does anyone have any idea what is wrong or even where to look. > >
Is ossec-remoted working? Are udp packets making it to the manager? Are the keys and ips for the agents unique? Did you restart the manager's ossec processes after adding the agents? Are you sure you gave each agent the correct key? > > Best wishes.... > > Colin > > -- > > --- > You received this message because you are subscribed to the Google Groups "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
