Using CentralWire

Go to http://web.foo.com:8080/centralwire/app and you should see the login screen:

Login screen

login using an LDAP account that belongs to the group named "admin" (or as specified by the "role.admin" context parameter). Then you'll see the main screen: the screen listing all the servers (so far you have none):

Server listing

So, click "Add new server" to define a new server:

Adding a new server

Note that the SSH key value can be found in /etc/ssh/ssh_host_rsa_key.pub on that h1 host. Click "OK" and then "Main page" to return to the main page. You'll see this new server:

New server is shown

It has no tripwire report yet. This is because CentralWire will try to ssh into the host every 24 hours (can be changed in the configuration screen) to obtain its tripwire report. If you can't wait, you can click "Obtain report" to tell it to do it now. It will take a few seconds, then you should see:

The server has changes

It means that it has obtained the report successfully and that the report says that there are changes found. Next, click "Has changes" to review the changes:

Reviewing the change report

To accept the changes, return to the main screen and click "Accept changes". To accept changes for multiple servers, click "Accept all changes" at the bottom. It will accept the changes for all the servers with changes as listed on the page.

Note: After accepting the changes, the "Has changes" link will still be there. Don't be surprised. This is because your server will not generate a new report immediately after accepting the changes. Just wait for another 24 hours (at most) and the status will be updated.