Lance Grover

Lance Grover

Setup OSSEC agent on a CentOS7 system with Alienvault server

Posted date:


Time to get some OSSEC on and connect an agent to Alienvault…  There is a bunch of people out there that are compiling, and not many using the RPM, or they forget to install both RPMs…

  1. wget -q -O – http://www.atomicorp.com/installers/atomic.sh | sh
  2. yum install ossec-hids ossec-hids-client
  3. add agent config to Alienvault
  4. extract key
  5. # /var/ossec/bin/manage_client
    (I – to import the key from Alienvault)
  6. modify /var/ossec/etc/ossec-agent.conf
    (change server ip address)
  7. service ossec-hids start
  8. chkconfig ossec-hids on
  9. On the Alienvault server – restart the ossec server in Environment-Detection-HIDS-Ossec Control