LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Virtualization and Cloud
User Name
Password
Linux - Virtualization and Cloud This forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.

Notices



Reply
 
Search this Thread
Old 01-16-2013, 12:21 AM   #1
sriramdas
Member
 
Registered: Mar 2012
Location: Chennai, India
Distribution: Ubuntu, CentOS, Opensolaris, Fedora 13
Posts: 44

Rep: Reputation: Disabled
How to connect an ossec agent installed on Virtualbox to host machine running on Cent


Hi Guys,


Am trying to install ossec IDS on my CentOS 6.3 machine.
Successfully installed it (Ossec Server on host machine). Have a Ubuntu 10.04 installation running on my virtual Box 4.2. Installed the ossec agent on the ubuntu.

I have all the agents of ossec installed on my host machine (Centos). Configure the agent, added the ip of the VBOX machine to the agent. Restarted the ossec service but still the agent installed in Virtual box is not connecting to the server installed on the host (CentOS 6.3).

Can any one please advise on this?

The out from host machine (CentOS )
------------------------------------------
root@localhost ossec-hids-2.7]# /var/ossec/bin/ossec-control restart
Killing ossec-monitord ..
Killing ossec-logcollector ..
Killing ossec-remoted ..
Killing ossec-syscheckd ..
Killing ossec-analysisd ..
Killing ossec-maild ..
Killing ossec-execd ..
OSSEC HIDS v2.7 Stopped
Starting OSSEC HIDS v2.7 (by Trend Micro Inc.)...
Started ossec-maild...
Started ossec-execd...
Started ossec-analysisd...
Started ossec-logcollector...
Started ossec-remoted...
Started ossec-syscheckd...
Started ossec-monitord...
Completed.
[root@localhost ossec-hids-2.7]# /var/ossec/bin/agent_control -l

OSSEC HIDS agent_control. List of available agents:
ID: 000, Name: localhost.localdomain (server), IP: 127.0.0.1, Active/Local
ID: 001, Name: sriramvbox, IP: 10.0.2.15, Never connected

List of agentless devices:

---------------------------------------------------------------

Am sure the ip of the vbox is correct.

Imported the key from the server to agent (running on Vbox). but getting the following errors.

------------------------------------------------------------------
root@sriramdas-desktop:/var/ossec/bin# /var/ossec/bin/manage_agents


****************************************
* OSSEC HIDS v2.7 Agent manager. *
* The following options are available: *
****************************************
(I)mport key from the server (I).
(Q)uit.
Choose your action: I or Q: I

* Provide the Key generated by the server.
* The best approach is to cut and paste it.
*** OBS: Do not include spaces or new lines.

Paste it here (or '\q' to quit): MDAxIHNyaXJhbXZib3ggMTAuMC4yLjE1IDRhYzIyMGMzMmQ0ZjgxZDMyYmEyOTgzMTcyMDlhMzc0YWEwNjE2ZTVhZWQ2NjQ4ZDBk NWY0OTcxMjU3OTVhYjk=

Agent information:
ID:001
Name:sriramvbox
IP Address:10.0.2.15

Confirm adding it?(y/n): y
Added.
** Press ENTER to return to the main menu.



****************************************
* OSSEC HIDS v2.7 Agent manager. *
* The following options are available: *
****************************************
(I)mport key from the server (I).
(Q)uit.
Choose your action: I or Q: Q

** You must restart OSSEC for your changes to take effect.

manage_agents: Exiting ..
root@sriramdas-desktop:/var/ossec/bin# /var/ossec/bin/ossec-control stop
ossec-logcollector not running ..
ossec-syscheckd not running ..
ossec-agentd not running ..
Killing ossec-execd ..
OSSEC HIDS v2.7 Stopped
root@sriramdas-desktop:/var/ossec/bin# /var/ossec/bin/ossec-control start
Starting OSSEC HIDS v2.7 (by Trend Micro Inc.)...
Started ossec-execd...
2013/01/16 10:47:17 ossec-config(1230): ERROR: Invalid element in the configuration: 'client'.
2013/01/16 10:47:17 ossec-config(1202): ERROR: Configuration error at '/var/ossec/etc/ossec.conf'. Exiting.
2013/01/16 10:47:17 ossec-agentd(1215): ERROR: No client configured. Exiting.
root@sriramdas-desktop:/var/ossec/bin#
----------------------------------------------------------

Can anyone please advise on what can be done next?

Thanks,
Sriram A Das
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VirtualBox: Use a host block device in the virtual machine Kenny_Strawn Linux - Virtualization and Cloud 4 11-21-2010 06:00 PM
[SOLVED] Samba setup - Windows 7 host, CentOS Machine using VirtualBox twaddlac Linux - Server 1 07-15-2010 02:11 PM
[SOLVED] Samba setup - Windows 7 host, CentOS Machine using VirtualBox twaddlac Linux - Networking 2 06-23-2010 04:09 PM
OSSEC in agent / server mode PlatinumX Linux - Security 4 05-06-2010 11:12 AM
VirtualBox - connect to remote host Mig21 Linux - Software 0 03-16-2009 07:09 PM


All times are GMT -5. The time now is 04:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration