After succesfully installing docker-wazuh i want to connect the first agent:
sudo systemctl start wazuh-agent
Job for wazuh-agent.service failed because the control process exited with error code.
See "systemctl status wazuh-agent.service" and "journalctl -xe" for details.
When i examine the status i find:
systemctl status wazuh-agent.service
● wazuh-agent.service - Wazuh agent
Loaded: loaded (/usr/lib/systemd/system/wazuh-agent.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2024-05-03 16:46:52 CEST; 3s ago
Process: 35264 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=1/FAILURE)
May 03 16:46:52 poehoes systemd[1]: Starting Wazuh agent...
May 03 16:46:52 poehoes env[35287]: 2024/05/03 16:46:52 wazuh-agentd: ERROR: (4112): Invalid server address found: 'MANAGER_IP'
May 03 16:46:52 poehoes env[35287]: 2024/05/03 16:46:52 wazuh-agentd: ERROR: (1215): No client configured. Exiting.
May 03 16:46:52 poehoes env[35264]: wazuh-agentd: Configuration error. Exiting
May 03 16:46:52 poehoes systemd[1]: wazuh-agent.service: Control process exited, code=exited, status=1/FAILURE
May 03 16:46:52 poehoes systemd[1]: wazuh-agent.service: Failed with result 'exit-code'.
May 03 16:46:52 poehoes systemd[1]: Failed to start Wazuh agent.
It appears the file /var/ossec/etc/ossec.conf will use this MANAGER_IP, but in the config is written
But when i made a variable from MANAGER_IP to $MANAGER_IP it still did not work. Only when i configured the hard IP-address the agent made the connection.
After succesfully installing docker-wazuh i want to connect the first agent:
When i examine the status i find:
It appears the file /var/ossec/etc/ossec.conf will use this MANAGER_IP, but in the config is written
I thought should be:
But when i made a variable from MANAGER_IP to $MANAGER_IP it still did not work. Only when i configured the hard IP-address the agent made the connection.