688
edits
Changes
From SME Server
Jump to navigationJump to searchUpdate agent config for wazuh 3.x
Line 12:
Line 12:
The [https://documentation.wazuh.com/2.0/installation-guide/installing-wazuh-agent/wazuh_agent_rpm.html Wazuh Client Installation Instructions] say to use '''yum install wazuh-agent''' (which, since the repo created above is disabled by default, would need to be '''yum --enablerepo=wazuh install wazuh-agent''' on a SME server), but this does not work...+Instead, I had to download the rpm and do use localinstall+ <nowiki>mkdir -p ~/wazuh+cd ~/wazuh+
−wget https://packages.wazuh.com/yum/rhel/6Server/x86_64/wazuh-agent-2.0.1-1.rhel6.x86_64.rpm+yum --enablerepo=wazuh localinstall wazuh-agent-2.0.1-1.rhel6.x86_64.rpm+
+You also need to enter "Ip.of.wazuh.srvr" into <server-ip>...</server-ip> in this file:+ /var/ossec/etc/ossec.conf
−
−Then start the agent
===Agent Configuration===
===Agent Configuration===
−[https://documentation.wazuh.com/current/installation-guide/installing-wazuh-agent/wazuh_agent_rpm.html Wazuh Client Installation Instructions]
−Wazuh 3.x installs correctly from the yum repository:
− yum --enablerepo=wazuh install wazuh-agent
−Create the client account on the wazuh manager:
− /var/ossec/bin/agent-auth -m [ip.of.wazuh.server]
−/var/ossec/bin/agent-auth -m <Ip.of.wazuh.srvr>
+Replace "MANAGER_IP" with the IP address of the wazuh manager in this section of /var/ossec/etc/ossec.conf:
+ <nowiki>...
+<client>
+ <server>
+ <address>MANAGER_IP</address>
+ </server>
+ <config-profile>rhel, rhel6</config-profile>
+</client>
+...
</nowiki>
</nowiki>
−Start the agent
− /etc/init.d/wazuh-agent start
/etc/init.d/wazuh-agent start
