Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
net/main/manual/manual-agent_control-tool/
Home
About
Documentation
Downloads
Support
Our Team
How it works? The first interesting command is “-lc”, to list the connected (active agents). To list all of
them, use “-l” only.
# /var/ossec/bin/agent_control -lc
OSSEC HIDS agent_control. List of available agents:
ID: 000, Name: enigma.ossec.net (server), IP: 127.0.0.1, Active/Local
ID: 002, Name: winhome, IP: 192.168.2.190, Active
ID: 005, Name: jul, IP: 192.168.2.0/24, Active
ID: 165, Name: esqueleto2, IP: 192.168.2.99, Active
ID: 174, Name: lili3win, IP: 192.168.2.0/24, Active
To query an agent, just use the “-i” option followed by the agent id.
# /var/ossec/bin/agent_control -i 002
To execute the syscheck/rootcheck scan immediately, use the “-r” option followed by the “-u” and the
agent id.
1 of 2 23/04/2009 11:51 AM
Manual: agent_control tool http://www.ossec.net/main/manual/manual-agent_control-tool/
# /var/ossec/bin/agent_control -r -u 000
# /var/ossec/bin/agent_control -h
Recent Entries
>Rootcheck updated to v2.0Mar 6
>OSSEC v2.0 releasedFeb 27
>v2.0 - What is comingJan 20
>OSSEC v1.6.1 releasedOct 9
(Archives)
Shortcuts
>Getting Started
>First steps
>Manual | Wiki
>Commercial Support
News/Announcements
>Join OSSEC Linked-in Group
>Join Mailing List
2 of 2 23/04/2009 11:51 AM