How to install and deploy clients in batch by ossec in CentOS 7 02/23 Update SLTechnology News&Howtos

How to install and deploy clients in batch by ossec in CentOS 7

2025-02-23 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)05/31 Report--

This article mainly shows you the "CentOS 7 ossec how to batch install and deploy the client", the content is easy to understand, clear, hope to help you solve your doubts, the following let the editor lead you to study and learn "CentOS 7 ossec how to batch install and deploy the client" this article.

Environmental preparation

Server:192.168.244.3

Client: 192.168.244.4

two。 Set up ftp to download configuration files

[root@ossec-server ~] # yum-y install httpd [root@ossec-server ~] # service httpd start [root@ossec-server ~] # mkdir / var/www/html/ossec [root@ossec-server ~] # cd / var/www/html/ossec [root@ossec-server ossec] # systemctl stop firewalld

3. Visit http://192.168.244.3/ossec

4. Create a file ip.txt to store ip address information

[root@ossec-server ~] # cat ip.txt agent01:192.168.244.4

5. Create a script to generate key

#! python#-*-coding: utf-8-*-import os if _ _ name__ = ='_ _ main__': save_keys_path = "keys.logs" f = open ("ip.txt") lines = f.read (). Splitlines () f.close () # perl file in the installation package shell_path = "/ root/ossec-hids-2.8.3/contrib/ossec-batch-manager.pl" for line in lines: Arr = line.split (":") host_name = arr [0] ip = arr [1] # the server adds the client cmd = "% s-a-- ip% s-- name% s" based on name and ip (shell_path Ip,host_name) os.system (cmd) cmd = "s-e% s > >% s"% (shell_path,ip,save_keys_path) os.system (cmd)

6. Install the necessary packages

Yum-y install perl-Digest-MD5yum-y install perl-Time-HiRes

7. Generate key file / var/ossec/etc/client.keys

8. Execute script

[root@ossec-server ~] # python key_gen.py [root@ossec-server ~] # cat / var/ossec/etc/client.keys 001 agent01 192.168.244.4 316260854925970ce8953064b1ff2fafe1245f38dd06ed1203a60f9a465a9f44

9, put the files and packages needed by the client in ftp

[root@ossec-server ~] # cd / var/www/html/ossec [root@ossec-server ossec] # tar xf ossec_client_conf.tar.gz [root@ossec-server ossec] # lltotal 2416 root root RW Dec 15 21:49 client.keys-rw-r--r-- 1 root root 820077 Dec 16 02:22 ossec_client_conf.tar.gz-rw-r--r-- 1 root root 2781 Dec 28 23:55 ossec. Conf-rw-r--r-- 1 root root 1634812 Apr 17 2015 ossec-hids-2.8.3.tar.gz-rwxr-xr-x 1 root root 3275 Dec 16 02:16 preloaded-vars.conf modifies the configuration file to automatically install without interaction [root@ossec-server ossec] # grep-Ev'^ # | ^ $'preloaded-vars.conf USER_LANGUAGE= "en" # For englishUSER_NO_STOP= "y" USER_INSTALL_TYPE= "agent" USER_DIR= "/ Var/ossec "USER_ENABLE_ACTIVE_RESPONSE=" y "USER_ENABLE_SYSCHECK=" y "USER_ENABLE_ROOTCHECK=" y "USER_AGENT_SERVER_IP=" 192.168.244.3 "

10. Client batch agent batch installation

[root@ossec-client01 ~] # yum-y install gcc [root@ossec-client01 ~] # systemctl stop firewalld

11. Execute script to install agent client automatically

[root@ossec-client01 ~] # sh ossec-agent-batch-install.sh [root@ossec-client01 ~] # cat ossec-agent-batch-install.sh #! / bin/bashyum-y install gcccd / usr/localwget http://192.168.244.3/ossec/ossec-hids-2.8.3.tar.gztar xf ossec-hids-2.8.3.tar.gzcd ossec-hids-2.8.3/etc/mv preloaded-vars.conf preloaded-vars.conf.bakwget http: / / 192.168.244.3/ossec/preloaded-vars.confcd... / install.shcd / opt/ossec/etcwget http://192.168.244.3/ossec/client.keysHOST_IP=`/sbin/ifconfig eth0 | grep 'Bcast' | cut-d:-f2 | cut-d'-f1`sed-I'/'$hostworthy IP cards / opt/ossec/etc/client.keysrm-rf ossec.confwget http://192.168.244.3/ossec/ossec.confcd. / bin/ossec-control start

twelve。 View Port

[root@ossec-client01] # netstat-lanpu | grep ossecudp 00 192.168.244.4 grep ossecudp 60090 192.168.244.3 ESTABLISHED 4827/ossec-agentd 1514 [root@ossec-server] # / var/ossec/bin/agent_control-lcOSSEC HIDS agent_control. List of available agents: ID: 000, Name: ossec-server (server), IP: 127.0.0.1, Active/Local ID: 001, Name: agent01, IP: 192.168.244.4, Active is all the contents of this article "how to install and deploy clients in batch in CentOS 7". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.