• 安装wazuh-agent


    安装wazuh-agent

    1. windows

    下载地址:https://packages.wazuh.com/3.x/windows/wazuh-agent-3.9.5-1.msi

    安装运行

    1. 设置服务端ip
    2. 设置服务端生成的key.

    设置端生成ip

    root@wazuh-manager:/# /var/ossec/bin/manage_agents
    #1. 按A添加一个agent,ip如果不是固定的,输入any
    #2. 按E查看提取指定agent的key  先输入机器的id号,然后复制下来输入到agent中
    ****************************************
    * Wazuh v3.9.3 Agent manager.          *
    * The following options are available: *
    ****************************************
       (A)dd an agent (A).
       (E)xtract key for an agent (E).
       (L)ist already added agents (L).
       (R)emove an agent (R).
       (Q)uit.
    Choose your action: A,E,L,R or Q: E
    
    Available agents:
       ID: 003, Name: alihk, IP: any
       ID: 004, Name: win1064Bit-msv, IP: any
    Provide the ID of the agent to extract the key (or 'q' to quit): 004
    
    Agent key information for '004' is:
    MDA0IHdpbjEwNjRCaXQtbXN2IGFueSBmM2ExZjRlMGIzOTkyMTE4ODUyMTBiMDA5NzNlYjI2NDI4OWViNjVkYTg0YzkyM2NkYjEwYjY1MzY0MzM4ODA3
    

    2. debain

    apt-get install curl apt-transport-https lsb-release gnupg2
    curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
    echo "deb https://packages.wazuh.com/3.x/apt/ stable main" | tee /etc/apt/sources.list.d/wazuh.list
    apt-get update
    #设置wazuh服务端ip
    WAZUH_MANAGER_IP="192.168.1.90" 
    apt-get install wazuh-agent
    #关闭wazuh更新
    sed -i "s/^deb/#deb/" /etc/apt/sources.list.d/wazuh.list
    apt-get update
    

    手动配置版本

    • 配置ossec.conf中的manage_ip为服务端ip
      vim /var/ossec/etc/ossec.conf
    • 导入服务端的key
      /var/ossec/bin/manage_agents
      systemctl restart wasuh-agent

    3. centos

    和debain操作都差不多,只是安装不一样.

    # rpm --import http://packages.wazuh.com/key/GPG-KEY-WAZUH
    # cat > /etc/yum.repos.d/wazuh.repo <<EOF
    [wazuh_repo]
    gpgcheck=1
    gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
    enabled=1
    name=Wazuh repository
    baseurl=https://packages.wazuh.com/3.x/yum/
    protect=1
    EOF
    

    yum install wazuh-agent

  • 相关阅读:
    TCP/IP网络编程之优于select的epoll(一)
    TCP/IP网络编程之I/O流分离
    TCP/IP网络编程之套接字与标准I/O
    TCP/IP网络编程之多播与广播
    TCP/IP网络编程之多种I/O函数
    TCP/IP网络编程之I/O复用
    TCP/IP网络编程之进程间通信
    TCP/IP网络编程之多进程服务端(二)
    服务器被入侵了怎么办?
    sentos7为例添加python3和python2共存
  • 原文地址:https://www.cnblogs.com/lovesKey/p/11503440.html
Copyright © 2020-2023  润新知