Checking connection with Manager

First you need to be sure that the Agent is poiting to Manager Address this is set on ossec.conf using <client> XML tag, for more see Client reference.


This will set as Wazuh Manager server, after you need restart the Agent:

  1. For Systemd:

# systemctl restart wazuh-agent
  1. For SysV Init:

# service wazuh-agent restart

After you register the agent and it be successfully connected, you could see a list of connected agents into Manager with:

# /var/ossec/bin/agent_control -lc

This will display every registered Agent, also you can check if a Agent is correctly connected verifying if the UDP connection to Manager is established:

# netstat -vatunp|grep ossec-agentd

This could match with the Agent and Manager ip addresses.

In the agent_control section it can be found information about the different states in which agents registered in a manager are.