X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=doc%2Fmanage_agents.txt;fp=doc%2Fmanage_agents.txt;h=3ff392f0875938650fab0a645c74ca90564ab0ad;hb=ff0e686ac67bbd82b60c277eb324910dbc60f65f;hp=0000000000000000000000000000000000000000;hpb=33a81e69474ae91ecec4e991debe59e26bb330fd;p=ossec-hids.git diff --git a/doc/manage_agents.txt b/doc/manage_agents.txt new file mode 100644 index 0000000..3ff392f --- /dev/null +++ b/doc/manage_agents.txt @@ -0,0 +1,32 @@ + +== How to add an agent without any keyboard input == + +By default, to add an agent from server side, you must provide your agent +information to `manage_agents` program, by using its interactive mode. +This is really tedious if you have many servers / agents to add. Luckily, +you can use following environment variables as responses + + | variable name | value | description | + +------------------------+---------+----------------------+ + | OSSEC_ACTION | A/a | add an agent | + | OSSEC_AGENT_NAME | string | name of agent | + | OSSEC_AGENT_IP | CIDR | ip address of agent | + | OSSEC_AGENT_ID | integer | max length = 8 | + | OSSEC_AGENT_KEY | string | base64 format | (*) + | OSSEC_ACTION_CONFIRMED | y/Y/n/N | y -> confirmed | + + (*) OSSEC_AGENT_KEY is used only on agent (when key is being imported) + +Please note that it's your duty to ensure that name, ip,... of agent are +valid. Otherwise, the program will fall back to interactive mode. In most +case, you should ensure that you new agent has an unique name/id. You can +simply know that by using `manage_agents -l` to list all known agents. + +For more details, please refer to OSSEC document + http://www.ossec.net/doc/manual/agent/agent-management.html + +PS: you may use some tools (`expect`) to send strings to `manage_agents`, +insead of using the above environment variables. It's your choice. + +-- +Anh K. Huynh