Server, agent, and web-ui
# get build-essentials
apt-get install build-essential
# get server
wget http://www.ossec.net/files/ossec-hids-2.6.tar.gz
# untar
tar xf ossec-hids-2.6.tar.gz
cd ossec-hids*
# install
./install.sh
# type server for 'sever', 'agent' for agent
# select no to the auto-notify
# use `/var/ossec/bin/manage_agents` to manage agents
# (including exporting and importing keys)
# start ossec
service ossec start# get apache
apt-get install apache2 php5 libapache2-mod-php5 apache2-utils
# get ossec-wui
cd /var/www
wget http://www.ossec.net/files/ossec-wui-0.3.tar.gz
# untar
tar xf ossec-wui-0.3.tar.gz
rm ossec-wui-0.3.tar.gz
cd ossec-wui-0.3/
# install
./setup.sh
# add www-data user to ossec to group
sed -i 's/^ossec.*$/&:www-data/g' /etc/group
# restart apache
service apache2 restart