This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_ossec [2020/07/15 13:27] val |
сервис_ossec [2020/07/15 13:35] val |
||
---|---|---|---|
Line 21: | Line 21: | ||
==== Установка и запуск сервера ==== | ==== Установка и запуск сервера ==== | ||
<code> | <code> | ||
- | # apt install ossec-hids-server | + | lan# apt install ossec-hids-server |
- | ossec-server# /var/ossec/bin/agent_control -l | + | lan# /var/ossec/bin/agent_control -l |
... | ... | ||
</code> | </code> | ||
Line 29: | Line 29: | ||
==== Настройка сервера для подключения агента ==== | ==== Настройка сервера для подключения агента ==== | ||
<code> | <code> | ||
- | ossec-server# /var/ossec/bin/manage_agents | + | lanr# /var/ossec/bin/manage_agents |
... | ... | ||
(A)dd an agent (A). | (A)dd an agent (A). | ||
Line 41: | Line 41: | ||
... | ... | ||
- | ossec-server# /var/ossec/bin/ossec-control restart | + | lan# /var/ossec/bin/ossec-control restart |
- | ossec-server# ss -panu | grep 1514 | + | lan# ss -panu | grep 1514 |
</code> | </code> | ||
==== Установка, запуск и подключение агента ==== | ==== Установка, запуск и подключение агента ==== | ||
<code> | <code> | ||
- | ossec-agent# apt install ossec-hids-agent | + | server# apt install ossec-hids-agent |
- | ossec-agent# vim /var/ossec/etc/ossec.conf | + | server# vim /var/ossec/etc/ossec.conf |
</code><code> | </code><code> | ||
<ossec_config> | <ossec_config> | ||
Line 57: | Line 57: | ||
... | ... | ||
</code><code> | </code><code> | ||
- | ossec-agent# /var/ossec/bin/manage_agents | + | server# /var/ossec/bin/manage_agents |
+ | ... | ||
+ | (I)mport key from the server (I). | ||
... | ... | ||
- | ossec-agent# /var/ossec/bin/ossec-control start | + | server# /var/ossec/bin/ossec-control start |
</code> | </code> | ||
==== Проверка подключения агента ==== | ==== Проверка подключения агента ==== | ||
<code> | <code> | ||
- | ossec-server# /var/ossec/bin/agent_control -i 001 | + | lan# /var/ossec/bin/agent_control -i 001 |
... | ... | ||
</code> | </code> | ||
==== Просмотр отчетов ==== | ==== Просмотр отчетов ==== | ||
- | https://ossec-docs.readthedocs.io/en/latest/programs/ossec-reportd.html | + | * [[https://www.ossec.net/docs/docs/programs/ossec-reportd.html|ossec-reportd]] |
<code> | <code> | ||
- | # cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f level 1 | + | lan# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f level 1 |
</code> | </code> |