Navigation
Documentation

From OSSEC Wiki

Jump to: navigation, search

How to troubleshoot ossec

If you are having problems with ossec, the first thing to do is to look at your logs.
For Unix/Linux, the logs will be at /var/ossec/logs/ossec.log
and for Windows, they will be at C:\Program Files\ossec-agent\ossec.log.

If by looking at them, you can't find out the error, we suggest you to send an e-mail to one of our mailling lists with the following information: 

 * OSSEC version number.
   run ossec-analysisd -V
 * Content of /etc/ossec-init.conf
 * Content of /var/ossec/etc/ossec.conf (or C:\Program Files\ossec-agent\ossec.log if Windows)
 * Content of /var/ossec/logs/ossec.log
 * Operating system name/version (uname -a if Unix)
 * Any other relevant information.
Retrieved from "http://www.ossec.net/wiki/Community_manual:Troubleshooting"