Hello, i have OSSEC installation on Centos 7 by rpm packages. I have server
default installation and client, in client configuration
/var/ossec/etc/agent.conf i add address of my server. When i restart agent
i got this errors.
Starting OSSEC HIDS 2.9.3 (by Trend Micro Inc.)...
Started ossec-exe
I have edit /var/ossec/etc/ossec.conf on a client
my_ip
and get this error
Started ossec-agentd...
2018/03/13 11:33:40 ossec-logcollector: Remote commands are not accepted
from the manager. Ignoring it on the agent.conf
2018/03/13 11:33:40 ossec-logcollector(1202): ERROR: Configur
>
> If you have commands in your agent.conf, you need to set
> "logcollector.remote_commands" to "1" in internal_options.conf.
>
> https://ossec.github.io/docs/syntax/head_internal_options.analysisd.html?highlight=remote%20command#intopt-logcollector.remote_commands=0
>
>
> now i have logcol
вторник, 13 марта 2018 г., 16:20:58 UTC+3 пользователь Igor написал:
>
>
>
>> If you have commands in your agent.conf, you need to set
>> "logcollector.remote_commands" to "1" in internal_options.conf.
>>
>> https://ossec.github.io/docs/
вторник, 13 марта 2018 г., 18:08:44 UTC+3 пользователь dan (ddpbsd) написал:
>
> On Tue, Mar 13, 2018 at 9:33 AM, Igor <651...@gmail.com >
> wrote:
> >
> >
> > вторник, 13 марта 2018 г., 16:20:58 UTC+3 пользователь Igor написал:
> >>
>
> You edit the file on the server. That file then gets pushed to the client.
>
> i have edit this file on a server, but file on client from
/var/ossec/etc/shared/agent.conf on client side
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To
so how can i resolv this error?
ossec-logcollector(1202): ERROR: Configuration error at
'/var/ossec/etc/shared/agent.conf'. Exiting.
четверг, 15 марта 2018 г., 0:16:19 UTC+3 пользователь dan (ddpbsd) написал:
>
> On Wed, Mar 14, 2018 at 6:28 AM, Igor <651...@gmail.com >
&
full Failure reason in Logstash. How can I fix this?
Thanks.
Igor
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroup
Hi,
I found this doc from Wazuh which tells how OSSEC helps on PCI:
https://wazuh.com/resources/OSSEC_PCI_DSS_Guide.pdf
It refers to PCI DSS 3.0. Is there doc similar to this for more recent
version of PCI DSS?
--
---
You received this message because you are subscribed to the Google Groups
I need to make OSSEC install fully automatic. Installation can be easily
done with /S flag to make it silent
(https://chocolatey.org/packages/ossec-agent)
My question now is: how do I set server IP and agent key using command line?
--
---
You received this message because you are subscribed
'server-ip'))
$server_ips = $client.SelectNodes('server-ip')
}
foreach ($server_ip in $server_ips) {
$server_ip.set_InnerText($ip)
}
}
$xml2 = New-Object System.Xml.XmlDocument
$node = $xml2.AppendChild($xml2.ImportNode($ossec_config, $true))
$xml2.Save($ossec_config_file)
break
}
.ldap" and "getent group >
/etc/group.ldap" and use ossec to
check for changes in those files. This might work..
Wonder if anybody else done this.
Igor W
12 matches
Mail list logo
