This is an old revision of the document!
# wget -q -O - https://updates.atomicorp.com/installers/atomic | bash # apt install apt-transport-https # apt update
# apt install ossec-hids-server
ossec-agent# apt install ossec-hids-agent ossec-agent# vim /var/ossec/etc/ossec.conf
<ossec_config> <client> <server-ip>192.168.155.10</server-ip> ...
ossec-server# /var/ossec/bin/manage_agents ... ossec-server# /var/ossec/bin/ossec-control restart ossec-server# ss -panu | grep 1514 ossec-agent# /var/ossec/bin/manage_agents ... ossec-agent# /var/ossec/bin/ossec-control restart ossec-server# /var/ossec/bin/agent_control -l ... ossec-server# /var/ossec/bin/agent_control -i 001 ...
https://ossec-docs.readthedocs.io/en/latest/programs/ossec-reportd.html
# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f level 1