I have just installed the ossec accordingly as the server when it asked for my email i put in my gmail and for the smtp I was not sure just put as localhost first. Then it run a number of commands accordingly finally it states this
Code:
In order to connect agent and server, you need to add each agent to the server.
Run the 'manage_agents' to add or remove them:
/var/ossec/bin/manage_agents
Another thing I did this /var/ossec/bin/ossec-control start
Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)...
OSSEC analysisd: Testing rules failed. Configuration error. Exiting.
Started ossec-maild...
Started ossec-execd...
Started ossec-analysisd...
Started ossec-logcollector...
Started ossec-remoted...
Started ossec-syscheckd...
Started ossec-monitord...
Completed.
So what error is it telling me about the configuration?
I am new to ossec installation. I tried to installed it as manager and new I did this /var/ossec/bin/ossec-control start
Code:
Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)...
OSSEC analysisd: Testing rules failed. Configuration error. Exiting.
Started ossec-maild...
Started ossec-execd...
Started ossec-analysisd...
Started ossec-logcollector...
Started ossec-remoted...
Started ossec-syscheckd...
Started ossec-monitord...
Completed.
Part of config file is as below.
Code:
<global>
<email_notification>yes</email_notification>
<email_to>*****@gmail.com</email_to>
<smtp_server>localhost</smtp_server>
<email_from>ossecm@localhost.localdomain</email_from>
</global>
I managed to solve the issue by using this command ln s /var/ossec/bin/osseclogtest /var/ossec/ossec-logtest . What I need to verify is that should I set the agentless setting and how test if the ossec is working and able to send me emails? Thank you.