ossec-remoted¶
ossec-remoted is the server side daemon that communicates with the agents.
It can listen to port 1514/udp (for OSSEC communications) and/or 514 (for syslog).
It runs as ossecr and is chrooted to /var/ossec by default.
ossec-remoted is configured in the <remote> section of ossec.conf.
(see ossec.conf: Remote Options)
ossec-remoted argument options¶
-
-c<config>¶ Run
ossec-remotedusing <config> as the configuration file.Default: /var/ossec/etc/ossec.conf
-
-D<dir>¶ Chroot to <dir>.
Default: /var/ossec
-
-d¶ Execute ossec-remoted in debug mode. This can be used more than once to increase the verbosity of the debug messages.
-
-f¶ Run ossec-remoted in the foreground.
-
-g<group>¶ Run
ossec-remotedas <group>.
-
-h¶ Display the help message.
-
-t¶ Test configuration.
-
-u<user>¶ Run
ossec-remotedas <user>.Default: ossecm
-
-V¶ Version and license information.