ossec-agentd on arm64 generates incorrectly formatted messages

ossec / ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

http://www.ossec.net

Other

4.33k stars 1.02k forks source link

ossec-agentd on arm64 generates incorrectly formatted messages #2079

Open afunix opened 1 year ago

afunix commented 1 year ago

ossec-remoted runs on CentOS7 on x86_64. When ossec-agentd runs on Raspberry Pi with armv7l kernel (5.15.84-v7l+), agent is able to communicate with the server. When ossec-agentd runs on Raspberry Pi with aarch64 kernel (6.1.19-v8+), server complains:

2023/03/19 09:55:52 ossec-remoted(1403): ERROR: Incorrectly formatted message from 'any'.

ossec-agentd-s are compiled from source locally on Pis.

wolle604 commented 1 year ago

Hey, Try the following:

/var/ossec/bin/ossec-control stop
rm /var/ossec/queue/rids/<agent id>
/var/ossec/bin/ossec-control start I had the same problem and it worked for me. Best wishes