22.12.2012

ossec 2.6 + Fedora 17/18 with systemd

UPDATE: this works also for fedora 18
today i have to install the ossec-agent on many fedora 17 clients that uses systemd
  • wget http://www.ossec.net/files/ossec-hids-2.6.tar.gz
  •  tar xvfz ossec-hids-2.6.tar.gz
  •  start the installtion process: install.sh
  • select the agent installation
  • generate a key on the server (/var/ossec/bin/manage_agents)
  • import the key into the fedora 17 client (/var/ossec/bin/manage_agents)
  • start up the ossec-agent: /var/ossec/bin/ossec-control start
  • check if you get an e-mail with informations about the new agent "New ossec agent connected."
  • stop the agent: /var/ossec/bin/ossec-control stop
  • create a system start script: vim /usr/lib/systemd/user/ossec.service
[Unit]
Description=to start up ossec
After=syslog.target network.target

[Service]
ExecStart=/var/ossec/bin/ossec-control start
ExecStop=/var/ossec/bin/ossec-control stop
Type=forking

[Install]
WantedBy=basic.target
  • enable the service: systemctl enable /usr/lib/systemd/user/ossec.service
  • start the service: systemctl start ossec.service
  • check the service: systemctl status ossec.service
  • doublecheck the service: ps aux | grep -i ossec
  • reboot you system and check if the ossec-agent is up
 

Keine Kommentare:

Kommentar veröffentlichen