Troubleshooting OSSEC issues

From Notes_Wiki
Revision as of 13:52, 31 March 2015 by Saurabh (talk | contribs) (Created page with "<yambe:breadcrumb>OSSEC|OSSEC</yambe:breadcrumb> =Troubleshooting OSSEC issues= For troubleshooting OSSEC issues try following: # Restart ossec service on ossec server #:Noti...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

<yambe:breadcrumb>OSSEC|OSSEC</yambe:breadcrumb>

Troubleshooting OSSEC issues

For troubleshooting OSSEC issues try following:

  1. Restart ossec service on ossec server
    Notice that ossec-remoted starts (use /var/ossec/bin/ossec-controld restart)
  2. Restart ossec service on client
  3. Verify details in /var/ossec/etc/ossec.conf file
  4. Verify key is same in /var/ossec/etc/client.keys in both server and client
  5. Restart ossec machine
  6. Restart client machine
  7. Look at /var/ossec/log/ossec.log file for hints
Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Troubleshooting_OSSEC_issues&oldid=2048"