O'Reilly logo

Instant OSSEC Host-based Intrusion Detection by Brad Lhotsky

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Getting agents to communicate (Simple)

Now that the server has been configured, this recipe covers how one can configure the clients to connect to the server to increase the intelligence and relevance of alerts.

Getting ready

In this example, we assume that the:

  • OSSEC server is 192.168.0.1
  • Our servers live on 192.168.0.0/23 (192.168.0.1 to 192.168.1.254)

We also assume that you have successfully installed OSSEC. You can install it from the source or with a binary installer. To install from a source, use the install.sh command and select agent as the installation type in the first step. Binary installers will label their agent packages as either agent or client. The Debian package is labeled ossec-hids-agent and the Red Hat package is labeled ossec-hids-client ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required