trying to run the agent i get:
ERROR: Queue '/var/ossec/queue/ossec/queue' not accessible: 'Queue not found'.
And indeed the last 'queue' file/folder is not there. My understanding is that this should be created upon running ossec-analysisd but that is not part of this package. Do I need to also install the ossec-server package even though i only want an agent here?
Search Criteria
Package Details: ossec-agent 2.8.3-1
| Git Clone URL: | https://aur.archlinux.org/ossec-agent.git (read-only) |
|---|---|
| Package Base: | ossec-agent |
| Description: | Open Source Host-based Intrusion Detection System |
| Upstream URL: | http://www.ossec.net/ |
| Licenses: | |
| Submitter: | stativ |
| Maintainer: | stativ |
| Last Packager: | stativ |
| Votes: | 7 |
| Popularity: | 1.431220 |
| First Submitted: | 2007-09-29 15:39 |
| Last Updated: | 2016-01-21 19:36 |
Dependencies (1)
Required by (0)
Sources (3)
- config
- https://bintray.com/artifact/download/ossec/ossec-hids/ossec-hids-2.8.3.tar.gz
- ossec.service
Latest Comments
ruidc commented on 2016-09-19 11:17
stativ commented on 2016-01-26 17:01
@testtube: great, thanks!
testtube commented on 2016-01-25 19:47
@static thanks, I don't have time to test it but the manage_agents is fixed:
$/var/ossec/bin/manage_agents
****************************************
* OSSEC HIDS v2.8.3 Agent manager. *
* The following options are available: *
****************************************
(I)mport key from the server (I).
(Q)uit.
stativ commented on 2016-01-21 19:42
Can some of you guys using the ossec agent installation whether the manage_agents works in this version? I think I have finally found why it was compiled for server rather than for agent and fixed it appropriately. Thx.
testtube commented on 2015-12-24 20:23
this package is still broken as below, indeed the provided manage_agents is for server not agent:
$ /var/ossec/bin/manage_agents -i xxxxxxxxxxxxxx
2015/xx/xx xx:xx:xx manage_agents: You can't import keys on the manager.
archaurwiki commented on 2015-07-09 06:33
Note: ossec appears to require (optional?) the 'host' command for installation. If so, could you please include the bind-tools package as a dependency?
Regarding the previous posted problems, a manual installation outside of this package appears to work fine. Have you discovered why this package won't work?
archaurwiki commented on 2015-07-09 05:12
Note: ossec appears to require (optional?) the 'host' command for installation. If so, could you please include the bind-utils package as a dependency?
Regarding the previous posted problems, a manual installation outside of this package appears to work fine. Have you discovered why this package won't work?
archaurwiki commented on 2015-07-08 08:34
Hi stativ,
Two errors, first is a blocker:
1) This ossec-agent package produces a /var/ossec/bin/manage_agents that is supposed to be for the ossec-server package. ossec-agent's manage_agent should have different functionality and the ability to import keys as seen here: https://ossec-docs.readthedocs.org/en/latest/programs/manage_agents.html
Even with the -i switch, the current manage_agents in the ossec-agent's package does not work for clients/agents. As of writing, I cannot use ossec at all because of this problem.
2) The following message appears when building
"5- Installing the system
- Running the Makefile
cp: failed to access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied
chmod: cannot access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied
- Unknown system. No init script added.
- Configuration finished properly."
This scripts says that it finished properly, but did it really? Note: /tmp/makepkg would be my current build directory for makepkg.
I wonder if these are Arch issues or upstream issues. As a whole, I find this project a little scattered and erratic, especially with documentation, so if I missed something, my apologies.
archaurwiki commented on 2015-07-08 08:32
Hi stativ,
Two errors, first is a blocker:
1) This ossec-agent package produces a /var/ossec/bin/manage_agent that is supposed to be for the ossec-server package. ossec-agent's manage_agent should have different functionality and the ability to import keys as seen here: https://ossec-docs.readthedocs.org/en/latest/programs/manage_agents.html
Even with the -i switch, the current manage_agents in the ossec-agent's package does not work for clients/agents. As of writing, I cannot use ossec at all because of this problem.
2) The following message appears when building
"5- Installing the system
- Running the Makefile
cp: failed to access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied
chmod: cannot access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied
- Unknown system. No init script added.
- Configuration finished properly."
This scripts says that it finished properly, but did it really? Note: /tmp/makepkg would be my current build directory for makepkg.
I wonder if these are Arch issues or upstream issues. As a whole, I find this project a little scattered and erratic, especially with documentation, so if I missed something, my apologies.
stativ commented on 2010-05-27 15:56
PKGBUILD updated (for more news see ossec-server or ossec-local).
IMPORTANT NOTE:
You have to change the USER_AGENT_SERVER_IP to the actual ossec-server IP in the config file prior to building package (you have to update md5sums then).