Ubuntu安装OSSEC server agent

1、按照官方手册分别安装server和虚拟机中安装agent。

 

启动server时出现sudo /var/ossec/bin/ossec-control start

Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)...

OSSEC analysisd: Testing rules failed. Configuration error. Exiting.

Started ossec-maild...

Started ossec-execd...

Started ossec-analysisd...

Started ossec-logcollector...

Started ossec-remoted...

Started ossec-syscheckd...

Started ossec-monitord...

Completed.

解决办法是创建一个超链接

ln -s /var/ossec/bin/ossec-logtest /var/ossec/ossec-logtest

 

如果出现ERROR: Unable to switch to group: 'ossec'错误,就用sudo。

 

2、server添加一个Agent

sudo ./manage_agents

A添加

E生成key

 

3、agent导入key

sudo ./manage_agents

I导入key

MDAxIHZ3dWpheV9hZ2VudCAxOTIuMTY4LjEuNTcgNzY1MDgwYWNmYjcyMzEzZDhkMTQ3ZDQ1MDU1ZTEwOGNkNzYzOGU0YzRkYzAwMGRkMDQ0YzdjMmFjOWZhNzI4NQ==

你可能感兴趣的:(ubuntu)