Atomicorp

So, I've followed OSSEC's installation instruction. Basically the Automated installation part. Now, I want to connect both the Server and Client together. How do I do that? Is there any other steps I should do first before connecting them together?

I kind of extracted the Agent's key and added the OSSEC Agent but the Server didn't detect it at all.

Do you think there's something wrong with my network settings for these Virtualboxes? I installed both on Ubuntu 20.04. All updated by 3 June, 2021

Server Agent

Verify that you can ping the server box from the agent. A lot of times, when the HUB cannot detect the agent, it is because of either a firewall or a closed port.

Here are the documents for connecting agents to the HUB. https://www.ossec.net/docs/docs/manual/agent/index.html

Yeah I think by default virtualbox doesn't let you communicate with the guest VM from the host system

cponton wrote: ↑Tue Jun 08, 2021 8:40 am Verify that you can ping the server box from the agent. A lot of times, when the HUB cannot detect the agent, it is because of either a firewall or a closed port.

Here are the documents for connecting agents to the HUB. https://www.ossec.net/docs/docs/manual/agent/index.html

I can definitely ping them between each other

Ok thats good, it could be the key. A good way to provision those is to use the ossec-authd service on the server, and the agent-auth client from the agent. Otherwise you could manually do it using manage_agents