I got similar error yesterday, and spent like 4 hours to debug. The issue was because of typo in hostname of my server in my ossec-agent.conf. I know it is my stupid mistake, but printing hostname in logs ( like getaddrinfo: Name or service not known for foo.com) will be extra helpful
ac On Thursday, April 11, 2019 at 6:49:57 PM UTC-4, Lonlone Lee wrote: > > I’ve upgraded to version 3.2.0 and this has appeared to have resolved my > issue. Thank you again for your assistance. > > > > *From:* [email protected] <javascript:> <[email protected] > <javascript:>> *On Behalf Of *Lonlone Lee > *Sent:* Thursday, April 11, 2019 9:04 AM > *To:* [email protected] <javascript:> > *Subject:* RE: [ossec-list] install ossec - bind to port 1514 fail | > getaddrinfo: name or service not know > > > > Thank you for the response. I will try upgrading to a more recent version. > > > > *From:* [email protected] <javascript:> <[email protected] > <javascript:>> *On Behalf Of *[email protected] <javascript:> > *Sent:* Thursday, April 11, 2019 5:56 AM > *To:* ossec-list <[email protected] <javascript:>> > *Subject:* Re: [ossec-list] install ossec - bind to port 1514 fail | > getaddrinfo: name or service not know > > > > > > These IPv6/IPv4 issues are due to the way IPv4 and IPv6 were being > implemented on releases earlier than 3.1.0. This only affects OSSEC > servers. The issue has to do with the way addresses are requested from the > system (IPv4 native versus IPv4 mapped over IPv6) and the fact that earlier > releases of OSSEC limited you to just one address (no multiple binding). > All of that has been fixed. You can read more about the correction here: > > > > https://github.com/ossec/ossec-hids/pull/1412 > > > > If you do not want to migrate to OSSEC 3.1.0 server (which should be > compatible with older OSSEC clients), you can download a copy of 2.9.3 with > the change in it from this link: > > > > https://networkalarmcorp.com/dnld/ossec-hids-2.9.3.1.tgz > > > > However, it is worth it to move to the latest release of OSSEC due to many > other fixes and enhancements in the code base. > > > > Best, > > > > Dave Stoddard > > Network Alarm Corp. > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
