OSSEC
3.6.0
Man pages
agent-auth
agent-auth argument options
Optional Server Authentication - client side
Optional Client Authentication
agent-auth example usage
Example: Adding an agent with a hostname
Example: Adding an agent and verifying the certificate presented by ossec-authd
Example: Adding an agent and presenting a certificate to ossec-authd
agent_control
agent_control argument options
agent_control example usage
Example 1: Listing all active agents
Example 2: Querying information from agent 002
Example 3: Executing syscheck and rootcheck scan immediately
clear_stats
clear_stats argument options
list_agents
list_agents argument options
manage_agents
manage_agents argument options
Usage
ossec-agentd
ossec-agentd argument options
ossec-agentlessd
ossec-agentlessd argument options
ossec-analysisd
ossec-analysisd argument options
ossec-authd
ossec-authd argument options
Creating SSL keys
Optional Client Authentication - server side
ossec-authd example usage
Example: Running ossec-authd
Example: Running ossec-authd with client authentication
ossec-control
ossec-control argument options
ossec-control example usage
Example: Running ossec-control
ossec-csyslogd
ossec-csyslogd argument options
ossec-dbd
ossec-dbd argument options
ossec-execd
ossec-execd argument options
ossec-logcollector
ossec-logcollector argument options
ossec-logtest
ossec-logtest argument options
Caveats
ossec-logtest example usage
Example 1: Testing standard rules
Example 2: Using OSSEC for the forensic analysis of log files
ossec-maild
ossec-maild argument options
ossec-makelists
ossec-makelists argument options
ossec-makelists example usage
Example: Running ossec-makelists and an update is necessary
Example: Running ossec-makelists when no update is necessary
ossec-monitord
ossec-monitord argument options
ossec-regex
ossec-remoted
ossec-remoted argument options
ossec-reportd
ossec-reportd argument options
ossec-reportd example usage
Example 1: Show Successful Logins
Example 2: Show Alerts Level 10 and Greater
Example 3: Show the srcip for all users
Example 4: Show Changed files as reported by Syscheck
Example output
ossec-syscheckd
ossec-syscheckd argument options
rootcheck_control
rootcheck_control argument options
rootcheck_control example usage
Example 1: Getting a list of system auditing/policy monitoring events
Example 2: Clearing the system auditing/policy database
syscheck_control
syscheck_control argument options
syscheck_control example usage
Example 1: Getting a list of modified files for an agent
Example 2: Getting more detailed information about a modified file
Example 3: Clearing the syscheck database
syscheck_update
syscheck_update argument options
util.sh
util.sh argument options
util.sh example usage
Example: Running util.sh
verify-agent-conf
verify-agent-conf example usage
Example 1: Running verify-agent-conf on a working agent.conf
Example 2: Running verify-agent-conf on a non-working agent.conf