I'm pretty sure now this was a decoy wrt cis-ubuntu-ansible. Something was blocking access from the agent to server, but it was not cis-ubuntu-ansible. In any case, I could not reproduce the problem after rebuilding the [ossec agent] node.
Pedro, thanks for the pointer to internal_options.conf -- that will certainly come in handy. Jesus, yes I am running wazuh. Only after asking about this did I notice that OSSEC had support for checking CIS compliance. I need to dig thru logs because until I started using cis-ubuntu-ansible I was definitely not CIS compliant. Now I install OSSEC after running cis-ubuntu-ansible and the only non-compliance OSSEC complains about is not having all the separate partitions. I think I said it before, but it warrants saying it again: OSSEC/wazuh is very, very nice. I really appreciate all the effort that has gone into it. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
