The probems I see with a load balanced setup: - agents must understand a roundrobin/sticky load balancer setup with 2 OSSEC managers - OSSEC managers must share their client keys - Both OSSEC managers must supply their logfiles to 1 dashboard (Splunk or Kibana).
I hope these things are easy to overcome? Any pointers or help would be usefull. Michiel Op donderdag 31 oktober 2013 15:19:40 UTC+1 schreef Michiel van Es: > > Hello, > > I am planning to setup OSSEC 2.7 for my company for about 500+ servers and > some appliances. > It will be running on Red Hat 5 + 6 agents mainly. > > There is a company policy that one server is the same a no server at all > (redundancy is a must in my company). > > Is it possible to create a redundant setup of 2 OSSEC managers, having the > port 1514 UDP load balanced and both servers store their entries and > databases/keys on a NAS or single (redundant) storage platform? > > Has aynone else created such a setup? > I want to use rsync/bash scripting as less as possible to make the setup > easy to maintain :) > > Michiel > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.