How to check Linux Ossec Agent logs.

From khika
Revision as of 12:16, 13 August 2019 by Rituja darandale (talk | contribs) (How to check Linux Ossec Agent logs.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

How to check Linux Ossec Agent logs.

1. To check the logs of your ossec agent installed on your linux server for debugging, You must need to go to the following directory: 

   /opt/ossec/logs

2. Become root user using the command "sudo su" 3. Go the the above mentioned directory using "cd /opt/ossec/logs" command.
4. type " ls -ltrh " to list the files and directories present in the directory.
5. type the following command to check the log file (ossec.log ).

   tail -f ossec.log

6. Refer to the screenshot given below:
Win130.jpg
7. You can also open the file in the vi Editor the check for the issues related to connection with Ossec Server. For this you may need to use the following command to open the log file of ossec agent in vi editor: 

   vi ossec.log

8. This is how you can check the logs of your ossec agent for troubleshooting.

Retrieved from "http://khika.com/wiki/index.php?title=How_to_check_Linux_Ossec_Agent_logs.&oldid=2348"