On Feb 10, 2016 7:51 AM, "Maxim Surdu" <[email protected]> wrote:
>
> [root@mx2 ossec]# ll
> total 16K
> 4.0K drwxrwxrwx 2 ossec ossec 4.0K Feb 10 14:27 ./
> 4.0K dr-xr-x--- 7 root  ossec 4.0K Dec 30 09:32 ../
> 4.0K -rwxrwxrwx 1 ossec ossec   23 Feb 10 12:50 .agent_info*
>    0 srw-rw---- 1 ossec ossec    0 Feb 10 14:27 queue=
>    0 srwxrwxrwx 1 ossec ossec    0 Feb 10 12:18 queue_=
> 4.0K -rwxrwxrwx 1 ossec ossec    1 Feb 10 12:03 .wait*
>
>

You have working agents, I'm on a train. Compare those perms to a working
agent.
Also Try reimporting the key again.

> miercuri, 10 februarie 2016, 14:49:58 UTC+2, Maxim Surdu a scris:
>>
>> [root@mx2 bin]# ll
>> total 2.4M
>> 4.0K dr-xr-x---  2 root ossec 4.0K Dec 30 09:32 ./
>> 4.0K dr-xr-x--- 11 root ossec 4.0K Dec 30 09:32 ../
>> 192K -r-xr-x---  1 root ossec 189K Dec 30 09:32 agent-auth*
>> 268K -r-xr-x---  1 root ossec 267K Dec 30 09:32 manage_agents*
>> 540K -r-xr-x---  1 root ossec 540K Dec 30 09:32 ossec-agentd*
>> 8.0K -r-xr-x---  1 root ossec 4.8K Oct 13 00:21 ossec-control*
>> 116K -r-xr-x---  1 root ossec 115K Dec 30 09:31 ossec-execd*
>> 412K -r-xr-x---  1 root ossec 411K Dec 30 09:32 ossec-logcollector*
>> 216K -r-xr-x---  1 root ossec 213K Dec 30 09:31 ossec-lua*
>> 148K -r-xr-x---  1 root ossec 145K Dec 30 09:31 ossec-luac*
>> 536K -r-xr-x---  1 root ossec 535K Dec 30 09:32 ossec-syscheckd*
>> 8.0K -r-xr-x---  1 root ossec 4.3K Oct 13 00:21 util.sh*
>>
>>
>> miercuri, 10 februarie 2016, 14:48:06 UTC+2, dan (ddpbsd) a scris:
>>>
>>>
>>> On Feb 10, 2016 7:38 AM, "Maxim Surdu" <[email protected]> wrote:
>>> >
>>> > [root@mx2 bin]# tail -f /var/ossec/logs/ossec.log
>>> > 2016/02/10 14:27:25 ossec-rootcheck: DEBUG: Starting ...
>>> > 2016/02/10 14:27:25 ossec-rootcheck: Starting queue ...
>>> > 2016/02/10 14:27:28 ossec-syscheckd(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> > 2016/02/10 14:27:28 ossec-rootcheck(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> > 2016/02/10 14:27:34 ossec-logcollector(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> > 2016/02/10 14:27:34 ossec-logcollector(1211): ERROR: Unable to access
queue: '/var/ossec/queue/ossec/queue'. Giving up..
>>> > 2016/02/10 14:27:36 ossec-syscheckd(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> > 2016/02/10 14:27:36 ossec-rootcheck(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> > 2016/02/10 14:27:49 ossec-syscheckd(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> > 2016/02/10 14:27:49 ossec-rootcheck(1211): ERROR: Unable to access
queue: '/var/ossec/queue/ossec/queue'. Giving up..
>>> >
>>> >
>>>
>>> Check the permissions of the queue directory and files.
>>> Check any selinux or similar logs.
>>> Reinstall?
>>>
>>> >
>>> > the same
>>> >
>>> >
>>> > miercuri, 10 februarie 2016, 14:36:42 UTC+2, dan (ddpbsd) a scris:
>>> >>
>>> >>
>>> >> On Feb 10, 2016 7:32 AM, "Maxim Surdu" <[email protected]> wrote:
>>> >> >
>>> >> > Hi dear community,
>>> >> >
>>> >> > i install and configure about 10 agents
>>> >> >
>>> >> > but one of then after install client key did not start
>>> >> >
>>> >> >
>>> >> > [root@mx2 bin]# ./ossec-control start
>>> >> > Starting OSSEC HIDS v2.8.3 (by Trend Micro Inc.)...
>>> >> > Started ossec-execd...
>>> >> > 2016/02/10 14:27:25 ossec-agentd: INFO: Using notify time: 600 and
max time to reconnect: 1800
>>> >> > Started ossec-agentd...
>>> >> > 2016/02/10 14:27:25 ossec-logcollector: DEBUG: Starting ...
>>> >> > Started ossec-logcollector...
>>> >> > 2016/02/10 14:27:25 ossec-syscheckd: DEBUG: Starting ...
>>> >> > 2016/02/10 14:27:25 syscheckd: Reading Configuration
[/var/ossec/etc/ossec.conf]
>>> >> > 2016/02/10 14:27:25 syscheckd: Reading Client Configuration
[/var/ossec/etc/ossec.conf]
>>> >> > 2016/02/10 14:27:25 ossec-rootcheck: DEBUG: Starting ...
>>> >> > 2016/02/10 14:27:25 ossec-rootcheck: Starting queue ...
>>> >> > 2016/02/10 14:27:28 ossec-syscheckd(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> >> > 2016/02/10 14:27:28 ossec-rootcheck(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> >> > 2016/02/10 14:27:36 ossec-syscheckd(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> >> > 2016/02/10 14:27:36 ossec-rootcheck(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> >> > 2016/02/10 14:27:49 ossec-syscheckd(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
>>> >> > 2016/02/10 14:27:49 ossec-rootcheck(1211): ERROR: Unable to access
queue: '/var/ossec/queue/ossec/queue'. Giving up..
>>> >> > ossec-syscheckd did not start
>>> >> >
>>> >> >
>>> >> > please any suggestions because this servers are very important for
monitoring logs.
>>> >> >
>>> >>
>>> >> Check the ossec.log for more detailed log messages.
>>> >>
>>> >> > Many thanks,
>>> >> > Maxim Surdu
>>> >> >
>>> >> > --
>>> >> >
>>> >> > ---
>>> >> > You received this message because you are subscribed to the Google
Groups "ossec-list" group.
>>> >> > To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected].
>>> >>
>>> >> > For more options, visit https://groups.google.com/d/optout.
>>> >
>>> > --
>>> >
>>> > ---
>>> > You received this message because you are subscribed to the Google
Groups "ossec-list" group.
>>> > To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected].
>>> > For more options, visit https://groups.google.com/d/optout.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
"ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to [email protected].
> For more options, visit https://groups.google.com/d/optout.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to