OSSEC服务端+客户端——开机启动各项服务命令

版权声明：本文为博主原创文章，未经博主允许不得转载。 https://blog.csdn.net/ll_xh/article/details/84129749

配置好Ossec服务端和客户端后，每次重启各虚拟机后需要先启动一些服务才能进行入侵检测，现对步骤流程做如下笔记：

---

服务端：

[matrix@localhost ~]$ su -
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl start mariadb
[root@localhost ~]# systemctl start sendmail.service 
[root@localhost ~]# cd ossec-hids-2.8.3
[root@localhost ossec-hids-2.8.3]# /opt/ossec/bin/ossec-control enable database
[root@localhost ossec-hids-2.8.3]# systemctl restart httpd
[root@localhost ossec-hids-2.8.3]# systemctl stop firewalld.service
[root@localhost ossec-hids-2.8.3]# setenforce 0
[root@localhost ossec-hids-2.8.3]# systemctl restart httpd
 

客户端：

root@kali:~# cd ossec-hids-2.8.3/
root@kali:~/ossec-hids-2.8.3# /opt/ossec/bin/ossec-control start
Starting OSSEC HIDS v2.8.3 (by Trend Micro Inc.)...
ossec-execd already running...
ossec-agentd already running...
ossec-logcollector already running...
ossec-syscheckd already running...
Completed.
 

服务端：

浏览器打开http://<你的服务器ip>/analogi/