How to check Linux Ossec Agent logs.

From khika
Jump to navigation Jump to search

How to check Linux Ossec Agent logs.

1. To check the logs of your ossec agent installed on your linux server for debugging, You must need to go to the following directory: 

   /opt/ossec/logs

2. Become root user using the command "sudo su" 3. Go the the above mentioned directory using "cd /opt/ossec/logs" command.
4. type " ls -ltrh " to list the files and directories present in the directory.
5. type the following command to check the log file (ossec.log ).

   tail -f ossec.log

6. Refer to the screenshot given below:
Win130.jpg
7. You can also open the file in the vi Editor the check for the issues related to connection with Ossec Server. For this you may need to use the following command to open the log file of ossec agent in vi editor: 

   vi ossec.log

8. This is how you can check the logs of your ossec agent for troubleshooting.

Retrieved from "http://khika.com/wiki/index.php?title=How_to_check_Linux_Ossec_Agent_logs.&oldid=2348"