REMOTE COMMANDS ARE NOT ACCEPTED FROM THE MANAGER. IGNORING IT ON THE AGENT.CONF

[lê danh]

Hello everyone, I want to use ossec to be able to track progress on a windows computer, follow the instructions from here (http://santi-bassett.blogspot.com/2015/08/how-to-monitor -running-processes-with-ossec.html).

I did it exactly according to the instructions on the windows machine (windows server 2012):

- In the file internal_options.conf I have converted       logcollector.remote_commands = 1

- I also added in the file local_internal_options.conf        logcollector.remote_commands = 1

On OSSEC server (ossec 3.1.0) I configured the agent.conf file as follows:

<agent_config os = "windows">

    <localfile>

        <log_format> full_command </log_format>

        <command> tasklist </command>

        <frequency> 60 </frequency>

    </localfile>

</agent_config>

But when I verify agent.conf, the message is as follows:

2020/07/13 21:02:42 verify-agent-conf: Remote commands are not accepted from the manager. Ignoring it on the agent.conf

2020/07/13 21:02:42 verify-agent-conf (1202): ERROR: Configuration error at '/var/ossec/etc/shared/agent.conf'. Exiting.

Hope everyone can show me how to fix this, thank you very much

[dan (ddp)]

Did you restart the ossec service on the agent?

> --
>
> ---
> You received this message because you are subscribed to the Google Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/2fc0eeb8-3a30-45d4-b8c4-2e0ec2b649b3o%40googlegroups.com.

[lê danh]

Yes, i did it, but not work, i don't no why ??

Vào 00:35, T.3, 14 Th7, 2020 dan (ddp) <ddp...@gmail.com> đã viết:

To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/CAMyQvMrjBq1zMWVZbTwcn%2BUkGzG5Tesw7usy8VEW5bKA9Gtrng%40mail.gmail.com.