Hi everyone,
I'm pretty sure that ossec can do this. Before deploying agents to
other machines, I would first like to get ossec to accept syslog's from
remote machines and just analyze those messages. During the setup of
the ossec server, I chose the option to have it accept syslog messages,
however the box isn't listening on port 514, even though ossec on the
server is working. Here are the remote sections of the ossec.conf file:
<remote>
<connection>syslog</connection>
</remote>
<remote>
<connection>secure</connection>
</remote>
Any ideas on this? Thanks.
Aaron
