Need to install OSSEC and OSSIM in you network.
First we extract key from OSSIM
1. Go to OSSIM web UI and navigate to 'environment' => 'detection'
2. Click on 'Agents'
3. Pick agent and click on key icon for 'Extract Key'
Add agent for OSSEC
1. From below command we can find agents
/var/ossec/bin/manage_agents -l
2. Open “manage agents”
/var/ossec/bin/manage_agents
it will ask few questions
* A name for the new agent: test
* The IP Address of the new agent: 192.168.100.18
* An ID for the new agent[001]: 002
3. Add agent for OSSEC
/var/ossec/bin/manage_agents –i <key>
Now I will check that agent is added
No comments:
Post a Comment