Atomicorp

cponton

<directories check_all="yes">E:\.</directories>

The \ should be a / so can you give that a try please?

<directories check all="yes">e:/<directories>

cponton

Can you verify that kibana is running with ps ax | grep kibana

Also, if you could grep "kibana" /var/log/messages
to see if any errors occur there

cponton

So is everything working properly now?

cponton

Do you have an error output that you are seeing after having updated the Kibana service?

cponton

OSSEC supports sending diffs when changes are made to text files on Linux and unix systems. Configuring syscheck to show diffs is simple, add report_changes="yes" to the <directories option. For example: <syscheck> <directories report_changes="yes" check_all="yes">/etc<...

cponton

Yes! You will need to vim into /var/ossec/etc/ossec.conf and modify the file to include what directories you would like to watch:  <directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories> <directories check_all=&qu...

cponton

Verify that you can ping the server box from the agent. A lot of times, when the HUB cannot detect the agent, it is because of either a firewall or a closed port.

Here are the documents for connecting agents to the HUB. https://www.ossec.net/docs/docs/manual/agent/index.html

cponton

If you would like to try changing the password for the account, you can do so here:
www.atomicorp.com/amember/login

Once changed, update the oum.conf directly and then try and run oum update

cponton

Please go into the oum file at /var/ossec/etc/oum.conf and verify that the credentials have been input to the file and that they are correct. make any changes needed and then save the file.

The run oum update

cponton

We do not have any documentation on the module at this time, no. When one is available, we will it post here.

cponton

Hello!

Both agent registration and communication are AES256 encrypted and handled via TLS by default
https://docs.atomicorp.com/AEO/index.html

cponton

Please verify your credentials are entered correctly in /var/ossec/oum.conf

If you believe you may need a password reset, please email us at support@atomicorp.com so we can send that to your privately. Thanks!

cponton

sp0k wrote: ↑Sat Apr 10, 2021 6:13 pm Hi,
I've got the same problem. Tried with 2 different accounts but the problem remain.

I will be sending you an email from our support channel to assist with your issues.

cponton

Only CentOS 7/8 and RHEL 7/8 are supported at this time for the OSSEC+ HUB. Ubuntu boxes can be added as agents, though.

cponton

Hello!

Please verify the email you signed up under. If you would prefer, you can send that email to support@atomicorp.com and we can help you there so to keep your info private.
Thanks!

Atomicorp

Search found 24 matches

Re: How to configure ossec.conf in windows agent for directory/file monitoring

Re: OSSEC Virtual Appliance

Re: After installing 3.6.0 it doesn't start due to Could not open file '/var/ossec/ossec-agent/etc/internal_options.conf

Re: OSSEC Virtual Appliance

Re: Evereyone

Re: Evereyone

Re: How do I connect OSSEC Server and Client together in Virtualbox?

Re: ERROR: Download failed with ERROR (6)

Re: ERROR: Download failed with ERROR (6)

Re: ASL Kernel Status

Re: TLS Support for OSSEC agent/master comms?

Re: oum update ERROR: Download failed with ERROR (6)

Re: ossec+

Re: oum install kofe: "no match"

Re: ossec+