@13Cubed
Last active January 27, 2016 18:43
OSSEC HIDS agent installation script for RHEL/CentOS.
#!/bin/bash
# This script simplifies the installation of the OSSEC HIDS Agent for RHEL/CentOS boxes.
# Are we running as root?
if [ "$(id -u)" -ne 0 ]; then
    echo
    echo "This script must be run as root!"
    echo
    exit 1
fi
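# Pull down the repo installer script from AtomiCorp.
# Note: the downloaded script is executed as root, so review it before running this installer.
echo
echo "Installing Atomic Repo ..."
echo
cd /root || exit 1
# -f makes curl fail on an HTTP error instead of saving the error page as atomic.sh.
if ! curl -f -o atomic.sh https://www.atomicorp.com/installers/atomic; then
    echo "Download of the Atomic repo installer failed."
    exit 1
fi
chmod 755 atomic.sh
./atomic.sh
rm -f atomic.sh
rm -f atomic-release*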
# Now that the repo has been added, use yum to install the package.
echo "Installing OSSEC HIDS Agent ..."
echo
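# Stop here if the package did not install; every later step depends on /var/ossec.
yum install -y ossec-hids-client || { echo "Package installation failed."; exit 1; }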
echo
echo
# Rename an unnecessary configuration file, if it is present.
if [ -f /var/ossec/etc/shared/agent.conf ]; then
    echo "Renaming unnecessary agent.conf file in /var/ossec/etc/shared/ to agent.conf.bak ..."
    mv /var/ossec/etc/shared/agent.conf /var/ossec/etc/shared/agent.conf.bak
fi
echo
echo
# Launch the OSSEC configuration utility.
echo "Starting OSSEC Configuration"
echo
/var/ossec/bin/ossec-configure
echo
echo
# Launch the OSSEC agent manager.
echo "Starting OSSEC Agent Manager (choose 'I' to import key from AlienVault)"
/var/ossec/bin/manage_client
echo
echo
echo "Adding server configuration to /var/ossec/etc/ossec.conf ..."
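# If you'd rather use an IP address instead, use server-ip instead of server-hostname.
echo "Please enter server hostname (server.example.com): "
read -r server
# The value is interpolated into the sed expression below, so accept only
# hostname characters (letters, digits, dots, hyphens) before using it.
hostname_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
if ! [[ "$server" =~ $hostname_re ]]; then
    echo "Invalid hostname: $server"
    exit 1
fi
sed -i "s/<\/global>/<\/global>\n <client>\n <server-hostname>$server<\/server-hostname>\n <\/client>/" /var/ossec/etc/ossec.conf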
echo
echo
# Start the client.
echo "Attempting to start OSSEC ..."
echo
/var/ossec/bin/ossec-client.sh start