Clustering

High Performance/High availability clustering is supported in Atomic OSSEC, utilizing a read/write primary, and read only secondary design. The read/write primary serves as the central repository for all agent keys, configurations, and settings. Additionally it can be configured to centralize event, compliance, and vulnerability data. Agents will register to the read/write primary, all other connections will be to the read-only Worker nodes.

Configuring a Cluster (Primary)

Step 1: On the Primary node UI, navigate to Hub Configuration > Hub Configuration > Clustering

Step 2: Configure the following settings

Enable Clustering: yes

Cluster Mode: master

Cluster master ip: master

**Step 3: Click ‘save changes’

Configure a Cluster (Secondary)

Step 1: On the Secondary node UI, navigate to Hub Configuration > Hub Configuration > Clustering

Step 2: Configure the following settings

Enable Clustering: yes

Cluster Mode: worker

Cluster master ip: IP of Primary HUB

**Step 3: Click ‘save changes’