I've got Windows Ossec agents figured out, but I can't seem to find any good instructions on how to configure Linux agents.
I installed the ossec agent on one of my linux boxes (ubuntu server) as instructed here. https://www.ossec.net/downloads/#apt-automated-installation-on-ubuntu-and-debian *wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo bash* *sudo apt update* *sudo apt-get install ossec-hids-agent* That seemed to install fine, but where do I define the server and enter the agent key? And how do I start the agent? The documentation found here isn't very helpful. https://www.ossec.net/docs/ I found a 'sample' *ossec.conf* file in /var/ossec/etc/ Is that what I'm supposed to edit? *service ossec status* shows it's 'inactive'. Am I supposed to manually start it? The documentation seems inadequate. Can someone please give me some specifics? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/d58a0a9c-1c79-4e64-b922-a43066a4a280%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
