Difference between revisions of "How to check OSSEC Server logs."

From khika
Jump to navigation Jump to search
(Created page with "==How to check OSSEC Server logs.== 1. To check the logs of your ossec server which is installed on your KHIKA Aggregator for debugging, You must need to go to the following...")
 
(How to check OSSEC Server logs.)
 
Line 8: Line 8:
 
5. Type the following command to check the log file (ossec.log).<br>
 
5. Type the following command to check the log file (ossec.log).<br>
 
     '''tail -f ossec.log'''
 
     '''tail -f ossec.log'''
6. Refer to the screenshot given below:
+
6. Refer to the screenshot given below: <br>
[[File:Win129.jpg|700px]]  
+
[[File:Win129.jpg|700px]] <br>
 
7. You can also open the file in the vi Editor the check for the occured issues. For this you may need to use the following command to open the log file of ossec server in vi editor:
 
7. You can also open the file in the vi Editor the check for the occured issues. For this you may need to use the following command to open the log file of ossec server in vi editor:
 
     '''vi ossec.log'''
 
     '''vi ossec.log'''
 
8. This is how you can check the ossec server side logs.
 
8. This is how you can check the ossec server side logs.

Latest revision as of 12:11, 13 August 2019

How to check OSSEC Server logs.

1. To check the logs of your ossec server which is installed on your KHIKA Aggregator for debugging, You must need to go to the following directory:

   /opt/ossec/logs

2. Become root user using the command "sudo su"
3. Go the the above mentioned directory using "cd /opt/ossec/logs" command.
4. Type " ls -ltrh " to list the files and directories present in the directory.
5. Type the following command to check the log file (ossec.log).

   tail -f ossec.log

6. Refer to the screenshot given below:
Win129.jpg
7. You can also open the file in the vi Editor the check for the occured issues. For this you may need to use the following command to open the log file of ossec server in vi editor:

   vi ossec.log

8. This is how you can check the ossec server side logs.