{"id":18428,"date":"2016-01-28T15:23:55","date_gmt":"2016-01-28T21:23:55","guid":{"rendered":"https:\/\/www.rosehosting.com\/blog\/?p=18428"},"modified":"2022-12-12T05:04:59","modified_gmt":"2022-12-12T11:04:59","slug":"install-ossec-on-ubuntu-14-04","status":"publish","type":"post","link":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/","title":{"rendered":"Install OSSEC on Ubuntu 14.04"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div><p><img decoding=\"async\" class=\"size-full wp-image-18429 alignleft\" src=\"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png\" alt=\"ossec\" width=\"191\" height=\"67\" \/>This article is the first part of the full tutorial for <strong>installing OSSEC server\/agent on an <a href=\"https:\/\/www.rosehosting.com\/ubuntu-hosting.html\" target=\"_blank\" rel=\"noopener noreferrer\">Ubuntu 14.04 VPS<\/a><\/strong>. This part covers the installation of OSSEC 2.8.3 (the latest stable version when this tutorial was written), it&#8217;s Web UI installation and shows how to enable MySQL support for OSSEC.<\/p>\n<p>OSSEC is an Open Source Host-based Intrusion Detection System. It mixes together all the aspects of HIDS (host-based intrusion detection) and Security Incident Management (SIM)\/Security Information and Event Management (SIEM) together in a simple, powerful, and open source solution.<!--more--><\/p>\n<p>OSSEC&#8217;s key benefits are:<\/p>\n<ul>\n<li>Compliance Requirements<\/li>\n<li>Multi platform<\/li>\n<li>Real-time and Configurable Alerts<\/li>\n<li>Integration with current infrastructure<\/li>\n<li>Centralized management<\/li>\n<li>Agent and agentless monitoring<\/li>\n<\/ul>\n<p>OSSEC performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. Check the <a href=\"https:\/\/ossec-docs.readthedocs.io\/en\/latest\/docs\/manual\/supported-systems.html\">operating systems and log formats<\/a> that OSSEC supports.<\/p>\n<p><strong>REQUIREMENTS<\/strong><\/p>\n<p>We will be using our SSD 1 <a href=\"https:\/\/www.rosehosting.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Linux VPS<\/a> Hosting plan for this tutorial.<\/p>\n<p>Log in to your server via SSH:<\/p>\n<pre># ssh root@server_ip<\/pre>\n<p>Before starting, enter the below command to check whether you have the proper version of Ubuntu installed on your machine:<\/p>\n<pre># lsb_release -a<\/pre>\n<p>It should give you the underneath output:<\/p>\n<pre>Distributor ID: Ubuntu\r\nDescription:    Ubuntu 14.04.3 LTS\r\nRelease:        14.04\r\nCodename:       trusty<\/pre>\n<p><strong>UPDATE THE SYSTEM<\/strong><\/p>\n<p>Make sure your server is fully up to date:<\/p>\n<pre># apt-get update &amp;&amp; apt-get upgrade<\/pre>\n<p>Now install Apache, MySQL, PHP and some needed modules with the below command:<\/p>\n<pre># apt-get install mysql-server libmysqlclient-dev mysql-client apache2 php5 libapache2-mod-php5 php5-mysql php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl<\/pre>\n<p><strong>INSTALL OSSEC<\/strong><\/p>\n<p>Enter the <strong>\/opt<\/strong> directory:<\/p>\n<pre># cd \/opt<\/pre>\n<p>Download OSSEC:<\/p>\n<pre># wget https:\/\/bintray.com\/artifact\/download\/ossec\/ossec-hids\/ossec-hids-2.8.3.tar.gz<\/pre>\n<p>Unpack the archive and enter the unpacked directory:<\/p>\n<pre># tar -xzf ossec-hids-2.8.3.tar.gz\r\n\r\n# cd ossec-hids-2.8.3<\/pre>\n<p>Enable the MySQL database support:<\/p>\n<pre># cd src\r\n\r\n# make setdb<\/pre>\n<p>Go back to the previous directory:<\/p>\n<pre># cd ..\/<\/pre>\n<p>Now, start the OSSEC installation script and follow the easy instructions:<\/p>\n<pre># .\/install.sh<\/pre>\n<p>Underneath is the output of the entire\u00a0installation procedure and the features that we enabled. Of course you choose which options to enable\/disable, but we recommend you to follow the output below. You can press enter if you want to go with the default choice (which is put in brackets) for every question asked.<\/p>\n<pre>OSSEC HIDS v2.8.3 Installation Script - http:\/\/www.ossec.net\r\n\r\n You are about to start the installation process of the OSSEC HIDS.\r\n You must have a C compiler pre-installed in your system.\r\n If you have any questions or comments, please send an e-mail\r\n to dcid@ossec.net (or daniel.cid@gmail.com).\r\n\r\n  - System: Linux vps 2.6.32-042stab113.11\r\n  - User: root\r\n  - Host: vps.rosehosting.com\r\n\r\n\r\n  -- Press ENTER to continue or Ctrl-C to abort. --<\/pre>\n<p>Press enter.<\/p>\n<pre>1- What kind of installation do you want (server, agent, local, hybrid or help)? server\r\n\r\n  - Server installation chosen.\r\n\r\n2- Setting up the installation environment.\r\n\r\n - Choose where to install the OSSEC HIDS [\/var\/ossec]:\r\n\r\n    - Installation will be made at  \/var\/ossec .\r\n\r\n3- Configuring the OSSEC HIDS.\r\n\r\n  3.1- Do you want e-mail notification? (y\/n) [y]:\r\n\r\n   - What's your e-mail address? user@example.com\r\n   - What's your SMTP server ip\/host? smtp.example.com\r\n\r\n  3.2- Do you want to run the integrity check daemon? (y\/n) [y]:\r\n\r\n   - Running syscheck (integrity check daemon).\r\n\r\n  3.3- Do you want to run the rootkit detection engine? (y\/n) [y]:\r\n\r\n   - Running rootcheck (rootkit detection).\r\n\r\n  3.4- Active response allows you to execute a specific\r\n       command based on the events received. For example,\r\n       you can block an IP address or disable access for\r\n       a specific user.\r\n       More information at:\r\n       http:\/\/www.ossec.net\/en\/manual.html#active-response\r\n\r\n   - Do you want to enable active response? (y\/n) [y]:\r\n\r\n     - Active response enabled.\r\n\r\n   - By default, we can enable the host-deny and the\r\n     firewall-drop responses. The first one will add\r\n     a host to the \/etc\/hosts.deny and the second one\r\n     will block the host on iptables (if linux) or on\r\n     ipfilter (if Solaris, FreeBSD or NetBSD).\r\n   - They can be used to stop SSHD brute force scans,\r\n     portscans and some other forms of attacks. You can\r\n     also add them to block on snort events, for example.\r\n\r\n   - Do you want to enable the firewall-drop response? (y\/n) [y]:\r\n\r\n     - firewall-drop enabled (local) for levels &gt;= 6\r\n\r\n   - Default white list for the active response:\r\n      - xxx.xxx.xxx.xx\r\n      - xx.xxx.xx.xxx\r\n\r\n   - Do you want to add more IPs to the white list? (y\/n)? [n]:\r\n\r\n  3.5- Do you want to enable remote syslog (port 514 udp)? (y\/n) [y]:\r\n\r\n   - Remote syslog enabled.\r\n\r\n  3.6- Setting the configuration to analyze the following logs:\r\n    -- \/var\/log\/messages\r\n    -- \/var\/log\/auth.log\r\n    -- \/var\/log\/syslog\r\n    -- \/var\/log\/mail.info\r\n    -- \/var\/log\/dpkg.log\r\n    -- \/var\/log\/apache2\/error.log (apache log)\r\n    -- \/var\/log\/apache2\/access.log (apache log)\r\n\r\n - If you want to monitor any other file, just change\r\n   the ossec.conf and add a new localfile entry.\r\n   Any questions about the configuration can be answered\r\n   by visiting us online at http:\/\/www.ossec.net .\r\n\r\n\r\n   --- Press ENTER to continue ---<\/pre>\n<p>Now press enter to continue with the installation which shouldn&#8217;t take more than 2 minutes. After everything is completed you will get:<\/p>\n<pre>- System is Debian (Ubuntu or derivative).\r\n - Init script modified to start OSSEC HIDS during boot.\r\n\r\n - Configuration finished properly.\r\n\r\n - To start OSSEC HIDS:\r\n                \/var\/ossec\/bin\/ossec-control start\r\n\r\n - To stop OSSEC HIDS:\r\n                \/var\/ossec\/bin\/ossec-control stop\r\n\r\n - The configuration can be viewed or modified at \/var\/ossec\/etc\/ossec.conf\r\n\r\n\r\n    Thanks for using the OSSEC HIDS.\r\n    If you have any question, suggestion or if you find any bug,\r\n    contact us at contact@ossec.net or using our public maillist at\r\n    ossec-list@ossec.net\r\n    ( http:\/\/www.ossec.net\/main\/support\/ ).\r\n\r\n    More information can be found at http:\/\/www.ossec.net\r\n\r\n    ---  Press ENTER to finish (maybe more information below). ---\r\n\r\n    - In order to connect agent and server, you need to add each agent to the server.\r\n   Run the 'manage_agents' to add or remove them:\r\n\r\n   \/var\/ossec\/bin\/manage_agents<\/pre>\n<p>Start OSSEC:<\/p>\n<pre># \/var\/ossec\/bin\/ossec-control start<\/pre>\n<p>The next\u00a0step\u00a0is to create a MySQL user and database for OSSEC. Enter MySQL as root:<\/p>\n<pre># mysql -u root -p\r\n\r\nmysql&gt; create database ossec;\r\nQuery OK, 1 row affected (0.00 sec)\r\n\r\nmysql&gt; grant all privileges on ossec.* to ossecuser@localhost identified by 'your_password';\r\nQuery OK, 0 rows affected (0.00 sec)\r\n\r\nmysql&gt; flush privileges;\r\nQuery OK, 0 rows affected (0.00 sec)\r\n\r\nmysql&gt; exit\r\nBye<\/pre>\n<p>OSSEC provides a schema for the database and it&#8217;s located in the src\/os_dbd\/ directory. Therefore, import it into your newly created ossec database:<\/p>\n<pre># mysql -u ossecuser -p ossec &lt; src\/os_dbd\/mysql.schema<\/pre>\n<p>Enter the ossecuser password when prompted.<\/p>\n<p>Now add the database config to OSSEC config file:<\/p>\n<pre># nano \/var\/ossec\/etc\/ossec.conf\r\n<\/pre>\n<pre>&lt;database_output&gt;\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 &lt;hostname&gt;127.0.0.1&lt;\/hostname&gt;\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 &lt;username&gt;ossecuser&lt;\/username&gt;\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 &lt;password&gt;your_password&lt;\/password&gt;\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 &lt;database&gt;ossec&lt;\/database&gt;\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 &lt;type&gt;mysql&lt;\/type&gt;\r\n\u00a0\u00a0\u00a0 &lt;\/database_output&gt;<\/pre>\n<p>You can put the above lines anywhere in the &lt;ossec_config&gt; block. Save and exit the file. Then, enable the database and restart OSSEC:<\/p>\n<pre># \/var\/ossec\/bin\/ossec-control enable database\r\n\r\n# \/var\/ossec\/bin\/ossec-control restart<\/pre>\n<p><strong>INSTALL OSSEC WEB UI<\/strong><\/p>\n<p>Install the OSSEC Web UI in Apache&#8217;s default document root. Enter the directory:<\/p>\n<pre># cd \/var\/www\/html\/<\/pre>\n<p>Download the latest OSSEC WUI and unpack the archive:<\/p>\n<pre># wget https:\/\/github.com\/ossec\/ossec-wui\/archive\/master.zip\r\n\r\n# unzip master.zip<\/pre>\n<p>Rename the directory to ossec:<\/p>\n<pre># mv ossec-wui-master\/ ossec\/<\/pre>\n<p>Create a tmp directory inside and set the correct files ownership and permissions:<\/p>\n<pre># mkdir ossec\/tmp\/\r\n\r\n# chown www-data: -R ossec\/\r\n\r\n# chmod 666 \/var\/www\/html\/ossec\/tmp<\/pre>\n<p>You can now access the web UI by opening your favorite web browser and navigating to <strong>http:\/\/your_server_IP\/ossec\/<\/strong><\/p>\n<p>Congratulations, you have successfully installed OSSEC server and it&#8217;s web user interface on an <a href=\"https:\/\/www.rosehosting.com\/ubuntu-hosting.html\" target=\"_blank\" rel=\"noopener noreferrer\">Ubuntu 14.04 VPS<\/a>. For more information please check OSSEC thorough <a href=\"http:\/\/ossec-docs.readthedocs.org\/en\/latest\/index.html\" target=\"_blank\" rel=\"noopener noreferrer\">documentation<\/a>.<\/p>\n<p>In the second part of this tutorial we will cover the OSSEC agent installation on another machine and we will install the Analogi Web Dashboard which gives a better and more informative interface when compared to the standard Web UI.<\/p>\n<p>Of course you don\u2019t have to do any of this if you use one of our <a href=\"https:\/\/www.rosehosting.com\/managed-vps-hosting.html\" target=\"_blank\" rel=\"noopener noreferrer\">Linux VPS Hosting<\/a> services, in which case you can simply ask our expert Linux admins to do this for you. They are available 24\u00d77 and will take care of your request immediately.<\/p>\n<p><span style=\"color: #ff0000;\"><strong>PS<\/strong><span style=\"color: #000000;\">.<\/span><\/span> If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This article is the first part of the full tutorial for installing OSSEC server\/agent on an Ubuntu 14.04 VPS. This &#8230; <\/p>\n<p class=\"read-more-container\"><a title=\"Install OSSEC on Ubuntu 14.04\" class=\"read-more button\" href=\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#more-18428\" aria-label=\"Read more about Install OSSEC on Ubuntu 14.04\">Read More<\/a><\/p>\n","protected":false},"author":4,"featured_media":18429,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1703,13,1698],"tags":[1050,1049,324,1048,1051,1053,1052],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Install OSSEC on Ubuntu 14.04 - RoseHosting<\/title>\n<meta name=\"description\" content=\"Install OSSEC on Ubuntu 14.04 - RoseHosting\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Install OSSEC on Ubuntu 14.04 - RoseHosting\" \/>\n<meta property=\"og:description\" content=\"Install OSSEC on Ubuntu 14.04 - RoseHosting\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/\" \/>\n<meta property=\"og:site_name\" content=\"RoseHosting\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/RoseHosting\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/rosehosting.helpdesk\" \/>\n<meta property=\"article:published_time\" content=\"2016-01-28T21:23:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-12-12T11:04:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png\" \/>\n\t<meta property=\"og:image:width\" content=\"191\" \/>\n\t<meta property=\"og:image:height\" content=\"67\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Jeff Wilson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@rosehosting\" \/>\n<meta name=\"twitter:site\" content=\"@rosehosting\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jeff Wilson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/\"},\"author\":{\"name\":\"Jeff Wilson\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#\/schema\/person\/7ce77a842fa6a9a7f8efa186f2353713\"},\"headline\":\"Install OSSEC on Ubuntu 14.04\",\"datePublished\":\"2016-01-28T21:23:55+00:00\",\"dateModified\":\"2022-12-12T11:04:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/\"},\"wordCount\":620,\"commentCount\":5,\"publisher\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png\",\"keywords\":[\"file integrity checking\",\"log analysis\",\"monitoring\",\"ossec\",\"policy monitoring\",\"real-time alerting\",\"rootkit detection\"],\"articleSection\":[\"Security\",\"Tutorials\",\"Ubuntu\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/\",\"url\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/\",\"name\":\"Install OSSEC on Ubuntu 14.04 - RoseHosting\",\"isPartOf\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png\",\"datePublished\":\"2016-01-28T21:23:55+00:00\",\"dateModified\":\"2022-12-12T11:04:59+00:00\",\"description\":\"Install OSSEC on Ubuntu 14.04 - RoseHosting\",\"breadcrumb\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#primaryimage\",\"url\":\"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png\",\"contentUrl\":\"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png\",\"width\":191,\"height\":67},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.rosehosting.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Install OSSEC on Ubuntu 14.04\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#website\",\"url\":\"https:\/\/www.rosehosting.com\/blog\/\",\"name\":\"RoseHosting\",\"description\":\"Premium Linux Tutorials Since 2001\",\"publisher\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.rosehosting.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#organization\",\"name\":\"RoseHosting\",\"url\":\"https:\/\/www.rosehosting.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2022\/03\/android-chrome-192x192-1.png\",\"contentUrl\":\"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2022\/03\/android-chrome-192x192-1.png\",\"width\":192,\"height\":192,\"caption\":\"RoseHosting\"},\"image\":{\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/RoseHosting\",\"https:\/\/x.com\/rosehosting\",\"https:\/\/www.linkedin.com\/in\/rosehosting\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#\/schema\/person\/7ce77a842fa6a9a7f8efa186f2353713\",\"name\":\"Jeff Wilson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.rosehosting.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/09271207587f897ab46faaed9b355252?s=96&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/09271207587f897ab46faaed9b355252?s=96&r=g\",\"caption\":\"Jeff Wilson\"},\"description\":\"An experienced Linux veteran with many years of experience. Helping other Linux admins with frequent Linux and business-related blog posts on the RoseHosting blog. Techie by choice. Loving nature and travel. Happily married and father of two lovely children.\",\"sameAs\":[\"https:\/\/www.rosehosting.com\",\"https:\/\/www.facebook.com\/rosehosting.helpdesk\"],\"url\":\"https:\/\/www.rosehosting.com\/blog\/author\/jwilson\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Install OSSEC on Ubuntu 14.04 - RoseHosting","description":"Install OSSEC on Ubuntu 14.04 - RoseHosting","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/","og_locale":"en_US","og_type":"article","og_title":"Install OSSEC on Ubuntu 14.04 - RoseHosting","og_description":"Install OSSEC on Ubuntu 14.04 - RoseHosting","og_url":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/","og_site_name":"RoseHosting","article_publisher":"https:\/\/www.facebook.com\/RoseHosting","article_author":"https:\/\/www.facebook.com\/rosehosting.helpdesk","article_published_time":"2016-01-28T21:23:55+00:00","article_modified_time":"2022-12-12T11:04:59+00:00","og_image":[{"width":191,"height":67,"url":"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png","type":"image\/png"}],"author":"Jeff Wilson","twitter_card":"summary_large_image","twitter_creator":"@rosehosting","twitter_site":"@rosehosting","twitter_misc":{"Written by":"Jeff Wilson","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#article","isPartOf":{"@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/"},"author":{"name":"Jeff Wilson","@id":"https:\/\/www.rosehosting.com\/blog\/#\/schema\/person\/7ce77a842fa6a9a7f8efa186f2353713"},"headline":"Install OSSEC on Ubuntu 14.04","datePublished":"2016-01-28T21:23:55+00:00","dateModified":"2022-12-12T11:04:59+00:00","mainEntityOfPage":{"@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/"},"wordCount":620,"commentCount":5,"publisher":{"@id":"https:\/\/www.rosehosting.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#primaryimage"},"thumbnailUrl":"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png","keywords":["file integrity checking","log analysis","monitoring","ossec","policy monitoring","real-time alerting","rootkit detection"],"articleSection":["Security","Tutorials","Ubuntu"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/","url":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/","name":"Install OSSEC on Ubuntu 14.04 - RoseHosting","isPartOf":{"@id":"https:\/\/www.rosehosting.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#primaryimage"},"image":{"@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#primaryimage"},"thumbnailUrl":"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png","datePublished":"2016-01-28T21:23:55+00:00","dateModified":"2022-12-12T11:04:59+00:00","description":"Install OSSEC on Ubuntu 14.04 - RoseHosting","breadcrumb":{"@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#primaryimage","url":"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png","contentUrl":"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2016\/01\/ossec.png","width":191,"height":67},{"@type":"BreadcrumbList","@id":"https:\/\/www.rosehosting.com\/blog\/install-ossec-on-ubuntu-14-04\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.rosehosting.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Install OSSEC on Ubuntu 14.04"}]},{"@type":"WebSite","@id":"https:\/\/www.rosehosting.com\/blog\/#website","url":"https:\/\/www.rosehosting.com\/blog\/","name":"RoseHosting","description":"Premium Linux Tutorials Since 2001","publisher":{"@id":"https:\/\/www.rosehosting.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.rosehosting.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.rosehosting.com\/blog\/#organization","name":"RoseHosting","url":"https:\/\/www.rosehosting.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.rosehosting.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2022\/03\/android-chrome-192x192-1.png","contentUrl":"https:\/\/www.rosehosting.com\/blog\/wp-content\/uploads\/2022\/03\/android-chrome-192x192-1.png","width":192,"height":192,"caption":"RoseHosting"},"image":{"@id":"https:\/\/www.rosehosting.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/RoseHosting","https:\/\/x.com\/rosehosting","https:\/\/www.linkedin.com\/in\/rosehosting\/"]},{"@type":"Person","@id":"https:\/\/www.rosehosting.com\/blog\/#\/schema\/person\/7ce77a842fa6a9a7f8efa186f2353713","name":"Jeff Wilson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.rosehosting.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/09271207587f897ab46faaed9b355252?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/09271207587f897ab46faaed9b355252?s=96&r=g","caption":"Jeff Wilson"},"description":"An experienced Linux veteran with many years of experience. Helping other Linux admins with frequent Linux and business-related blog posts on the RoseHosting blog. Techie by choice. Loving nature and travel. Happily married and father of two lovely children.","sameAs":["https:\/\/www.rosehosting.com","https:\/\/www.facebook.com\/rosehosting.helpdesk"],"url":"https:\/\/www.rosehosting.com\/blog\/author\/jwilson\/"}]}},"_links":{"self":[{"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/posts\/18428"}],"collection":[{"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/comments?post=18428"}],"version-history":[{"count":3,"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/posts\/18428\/revisions"}],"predecessor-version":[{"id":44118,"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/posts\/18428\/revisions\/44118"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/media\/18429"}],"wp:attachment":[{"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/media?parent=18428"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/categories?post=18428"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rosehosting.com\/blog\/wp-json\/wp\/v2\/tags?post=18428"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}