2015-05-14
Time to get some OSSEC on and connect an agent to Alienvault… There is a bunch of people out there that are compiling, and not many using the RPM, or they forget to install both RPMs…
wget -q -O – http://www.atomicorp.com/installers/atomic.sh | sh
yum install ossec-hids ossec-hids-client
add agent config to Alienvault
extract key
# /var/ossec/bin/manage_client
(I – to import the key from Alienvault)
modify /var/ossec/etc/ossec-agent.conf
(change server ip address)
service ossec-hids start
chkconfig ossec-hids on
On the Alienvault server – restart the ossec server in Environment-Detection-HIDS-Ossec Control
PREV
Too many Tickets and Alarms in…
NEXT
Proxy web traffic through your…
Lance Grover
© 2015-2023 Lance Grover