...
5. For specific log monitoring on agent computers, location entries should be added to the client’s (where agent is installed) configuration file, that is at/var/ossec/etc/ossec.conf, same as the server’s configuration mentioned in StepAnchor
6. After this change has been made, the client-syslog process should be enabled using the command: # /var/ossec/bin/ossec-control enable client-syslogFinally restart the OSSEC processes using the command: # /var/ossec/bin/ossec-control restart
...
Table 1-2: The OSSEC event collector(Syslog-3770) properties to be configured by MDR are shown in the table.
...