I have just installed OSSEC as the server. When it asked for my email I put in my Gmail, and for the SMTP I was not sure, so I just put localhost first. Then it ran a number of commands and finally it stated this:
Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)...
OSSEC analysisd: Testing rules failed. Configuration error. Exiting.
So what error is it telling me about the configuration?
I am new to OSSEC installation. I tried to install it as manager and now I did this: /var/ossec/bin/ossec-control start
As far as emailing, you should have received an email saying "ossec server started" when your system was initialized. I noticed that you are sending your emails to @gmail.com which could be problematic. Unless you have taken steps to either make your system a regular mail server that gmail will accept under normal circumstances or are using an SMTP relay such as through your ISP, you face a very high likelihood that your mail will be rejected by gmail. I would suggest you start by letting ossec send mail to root or another local account and then see if you receive those, then work on getting gmail to accept your messages.
OK, let's go first with the installation type. In the beginning it asked me whether it is a manager and I typed manager, so what should I do in the very first step, what type of installation, and how do I set up the standalone installation? Where could I have gone wrong?
Regarding the email, how should the setup be if I need to just send to local root? What changes should I make then? I will go with your suggestion and get root to receive the email first. Thank you.
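
Added example, not part of any post in this thread: a shell check that reads the mail settings from the `<global>` block of an ossec.conf and classifies them along the lines of the reply above (local recipient, external recipient delivered by the host itself, or external recipient handed to a relay). The function names and the sample configuration are constructed for illustration; `email_notification`, `email_to` and `smtp_server` are OSSEC's own option names.

```shell
# Added example: classify the mail settings in an OSSEC <global> block.
# Function names and the sample configuration are constructed.

# Print the text of the first one-line <tag>value</tag> element in file $2.
conf_value() {
    sed -n "s:.*<$1>\(.*\)</$1>.*:\1:p" "$2" | head -n 1
}

# Succeeds when $1 names the machine itself.
is_local_host() {
    case "$1" in
        localhost|localhost.localdomain|127.0.0.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints one of: disabled, local, external-direct, external-relay.
check_ossec_mail() {
    enabled=$(conf_value email_notification "$1")
    rcpt=$(conf_value email_to "$1")
    smtp=$(conf_value smtp_server "$1")
    if [ "$enabled" != "yes" ]; then
        echo disabled
    elif is_local_host "${rcpt#*@}"; then
        echo local                # e.g. root@localhost, stays on this machine
    elif is_local_host "$smtp"; then
        echo external-direct      # this host delivers to the remote domain itself
    else
        echo external-relay       # mail is handed to another SMTP server
    fi
}

# Constructed sample: the setup suggested in the reply (mail to local root).
sample_conf() {
    cat <<'EOF'
<ossec_config>
  <global>
    <email_notification>yes</email_notification>
    <email_to>root@localhost</email_to>
    <smtp_server>localhost</smtp_server>
  </global>
</ossec_config>
EOF
}

tmp=$(mktemp)
sample_conf > "$tmp"
check_ossec_mail "$tmp"    # prints: local
rm -f "$tmp"
```

On a real installation the function would be pointed at the server's own ossec.conf; a result of `external-direct` is the case the reply warns is likely to be rejected by Gmail.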