Kirk Frankovich
unread,Dec 10, 2009, 5:19:04 PM12/10/09Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to ossec...@googlegroups.com
I filed a report on the uservoice site, but I wanted to post this to the
mailing list to see if anyone else has seen this or knows of this.
This morning I deployed OSSEC live for the first time. I installed the
server and connected two agents.
Once everything was up and communicating, I ran ./agent_control -r -u
001 and ./agent_control -r -u 002 from the server to kick off a scan on
my two agents (I disable scan at startup).
Within a minute or two, agent 001 was running a scan, but 002 was not.
After 30 minutes, 002 still had not kicked off a scan, so I reran the
agent_control command. The second command didn't appear to do anything
either (though I only waited a minute or two). So I ran it about five
times in a row. Finally agent 002 kicked off a scan.
This afternoon I added some additional agents and ran into the same
thing.
Can anyone help with this?
--
Confidentiality Notice: This e-mail, including attachments, may include confidential and/or proprietary information, and may be used only by the person or entity to which it is addressed. If the reader of this e-mail is not the intended recipient or his or her authorized agent, the reader is hereby notified that any dissemination, distribution, copying or taking any action in reliance upon this information is prohibited. If you have received this e-mail in error, please notify the sender by replying to this message and delete this e-mail immediately.
This message was scanned by ESVA and is believed to be clean.