Yes, here you'll find a guide with all daemons 

Please, let us know if you have any doubt. 
Best regards, 

On Monday, July 17, 2017 at 9:19:04 AM UTC+2, Kazim Koybasi wrote:
> Thanks for quick reply.
> As I understand agent collect logs with ossec-logcollector and send all 
> off them server.Server is analyzing all logs with ossec-analysisd daemon 
> and match them according to decoders and rules.Also if I open logall option 
> in server it saves all logs under /var/ossec/logs/archives directory.
> On Monday, 17 July 2017 09:53:37 UTC+3, Kazim Koybasi wrote:
>> Is archives.log under /var/ossec/logs/ contains all logs produced at 
>> agent host server?I am trying to understand that how OSSEC manager and 
>> agent topology works. Agent does not contains rules.
>> Is it mean that agent send all logs to manager and it process log files 
>> according to decoder and rule files? Is it logs only processed logs as 
>> archives.log? Thanks for reading.


You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
For more options, visit

Reply via email to