Indeed,
I'll bet that you are running syslogd on the ossec server. Try killing
syslogd and restarting it with the -s flag. Then try restarting ossec
again. Let me know if that works.
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Aaron Bliss wrote:
> Hi everyone,
> I'm pretty sure that ossec can do this. Before deploying agents to
> other machines, I would first like to get ossec to accept syslog's from
> remote machines and just analyze those messages. During the setup of
> the ossec server, I chose the option to have it accept syslog messages,
> however the box isn't listening on port 514, even though ossec on the
> server is working. Here are the remote sections of the ossec.conf file:
> <remote>
> <connection>syslog</connection>
> </remote>
>
> <remote>
> <connection>secure</connection>
> </remote>
>
> Any ideas on this? Thanks.
>
> Aaron
begin:vcard fn:Adriel T Desautels n:Desautels;Adriel T org:Netragard, LLC. adr:;;17 Sheldon Road;Mendham ;NJ;;USA email;internet:[EMAIL PROTECTED] title:Chief Technology Officer tel;work:617-934-0269 tel;cell:617-633-3821 x-mozilla-html:FALSE url:http://www.netragard.com version:2.1 end:vcard
signature.asc
Description: OpenPGP digital signature
