Package Details: ossec-agent 2.8.3-1

Git Clone URL: https://aur.archlinux.org/ossec-agent.git (read-only)
Package Base: ossec-agent
Description: Open Source Host-based Intrusion Detection System
Upstream URL: http://www.ossec.net/
Licenses: GPL3
Submitter: stativ
Maintainer: stativ
Last Packager: stativ
Votes: 7
Popularity: 1.142780
First Submitted: 2007-09-29 15:39
Last Updated: 2016-01-21 19:36

Latest Comments

ruidc commented on 2016-11-02 07:48

I got past my problems, the key issue was that the owner on /var/ossec was still root and should have been ossec

ruidc commented on 2016-09-19 11:17

trying to run the agent i get:
ERROR: Queue '/var/ossec/queue/ossec/queue' not accessible: 'Queue not found'.

And indeed the last 'queue' file/folder is not there. My understanding is that this should be created upon running ossec-analysisd but that is not part of this package. Do I need to also install the ossec-server package even though i only want an agent here?

stativ commented on 2016-01-26 17:01

@testtube: great, thanks!

testtube commented on 2016-01-25 19:47

@static thanks, I don't have time to test it but the manage_agents is fixed:
$/var/ossec/bin/manage_agents
****************************************
* OSSEC HIDS v2.8.3 Agent manager. *
* The following options are available: *
****************************************
(I)mport key from the server (I).
(Q)uit.

stativ commented on 2016-01-21 19:42

Can some of you guys using the ossec agent installation whether the manage_agents works in this version? I think I have finally found why it was compiled for server rather than for agent and fixed it appropriately. Thx.

testtube commented on 2015-12-24 20:23

this package is still broken as below, indeed the provided manage_agents is for server not agent:
$ /var/ossec/bin/manage_agents -i xxxxxxxxxxxxxx
2015/xx/xx xx:xx:xx manage_agents: You can't import keys on the manager.

Anonymous comment on 2015-07-09 06:33

Note: ossec appears to require (optional?) the 'host' command for installation. If so, could you please include the bind-tools package as a dependency?

Regarding the previous posted problems, a manual installation outside of this package appears to work fine. Have you discovered why this package won't work?

Anonymous comment on 2015-07-09 05:12

Note: ossec appears to require (optional?) the 'host' command for installation. If so, could you please include the bind-utils package as a dependency?

Regarding the previous posted problems, a manual installation outside of this package appears to work fine. Have you discovered why this package won't work?

Anonymous comment on 2015-07-08 08:34

Hi stativ,

Two errors, first is a blocker:

1) This ossec-agent package produces a /var/ossec/bin/manage_agents that is supposed to be for the ossec-server package. ossec-agent's manage_agent should have different functionality and the ability to import keys as seen here: https://ossec-docs.readthedocs.org/en/latest/programs/manage_agents.html

Even with the -i switch, the current manage_agents in the ossec-agent's package does not work for clients/agents. As of writing, I cannot use ossec at all because of this problem.

2) The following message appears when building

"5- Installing the system
- Running the Makefile
cp: failed to access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied
chmod: cannot access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied

- Unknown system. No init script added.
- Configuration finished properly."

This scripts says that it finished properly, but did it really? Note: /tmp/makepkg would be my current build directory for makepkg.

I wonder if these are Arch issues or upstream issues. As a whole, I find this project a little scattered and erratic, especially with documentation, so if I missed something, my apologies.

Anonymous comment on 2015-07-08 08:32

Hi stativ,

Two errors, first is a blocker:

1) This ossec-agent package produces a /var/ossec/bin/manage_agent that is supposed to be for the ossec-server package. ossec-agent's manage_agent should have different functionality and the ability to import keys as seen here: https://ossec-docs.readthedocs.org/en/latest/programs/manage_agents.html

Even with the -i switch, the current manage_agents in the ossec-agent's package does not work for clients/agents. As of writing, I cannot use ossec at all because of this problem.

2) The following message appears when building

"5- Installing the system
- Running the Makefile
cp: failed to access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied
chmod: cannot access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied

- Unknown system. No init script added.
- Configuration finished properly."

This scripts says that it finished properly, but did it really? Note: /tmp/makepkg would be my current build directory for makepkg.

I wonder if these are Arch issues or upstream issues. As a whole, I find this project a little scattered and erratic, especially with documentation, so if I missed something, my apologies.

All comments