-
Notifications
You must be signed in to change notification settings - Fork 1k
/
INSTALL
78 lines (52 loc) · 2.09 KB
/
INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
OSSEC v3.8.0
Copyright (C) 2019 Trend Micro Inc.
= Information about OSSEC =
Visit https://www.ossec.net
= Recommended Installation =
OSSEC installation is very simple. It can be done in the
fast way (using the script install.sh with the default values)
or in the customized way (by hand or by changing the default values
in the install.sh script). I REALLY recommend EVERYONE to use the
FAST WAY! Only developers or experienced people should use the
other methods.
Before running the script, make sure your system has the necessary
libraries and tools installed:
- libssl
- libpcre2
- libz
- make, gcc
- libsystemd-dev
On a Ubuntu/Debian system, these can be installed with:
apt install libz-dev libssl-dev libpcre2-dev build-essential libsystemd-dev
Fast way steps:
1- Run the script ./install.sh. It will guide you through the
installation process.
2- The script will create everything in /var/ossec and try to
create the initialization script in your system (/etc/rc.local
or /etc/rc.d/init.d/ossec). If the init script is not created,
make sure to follow the instructions from the install.sh to make
OSSEC HIDS start during the boot. To start it by hand, just run
/var/ossec/bin/ossec-control start
3- If you are running it on multiple clients, make sure to install
the server first. Use the manage_agents tool
to create the right encryption keys.
4- Enjoy.
= Installation and Running (99.99% should read ABOVE) =
By Hand Installation steps:
1- Create the necessary directories (by default /var/ossec).
2- Move the necessary files to the ossec directory.
3- Compile everything.
4- Move the binaries to the default directory.
5- Create the necessary users.
6- Set the right permissions to the files.
This 5 steps are done in the Makefile (see make server).
The Makefile read the options from the LOCATION file. Change
whatever you need from there.
To compile everything by yourself:
% make clean
% make all (step 3)
% su
# make server (will do steps 1,2,4 and 6 above)
*Before running make server, make sure to have the necessary users created.
The Makefile will not do that.
#EOF