ossec-analysisd receives the log messages and compares them to the rules. It will create alerts when a log message matches an applicable rule.

ossec-analysisd argument options

-c <config>

Configuration file ossec-analysisd should use.

-D <dir>

Chroot to <dir>.


Execute ossec-analysisd in debug mode. This can be used more than once to increase the verbosity of the debug messages.


Run ossec-agentlessd in the foreground.

-g <group>

Run as group.


Display a help message.


Test the configuration.


Run as user.


Display the version and license information.