> > >> Try blanking the merged.mg. >> > > Looks like it does the trick. I cp /dev/null into it and then restart both > - after restarting the file is populated with datra again pushed from the > server in that section for the client name. > > Need to wait or do some testing to see if it is actually using that merge > file for the config as I still do not see in the log that monitor these > entry yet (in the merged.mg file) > >
So it has thing pushed to merge.mg file but it is not picked up. I manually run bin/agent_control -r -a in the server and wait for a while, the in the client log it says: 2012/08/02 11:58:13 ossec-rootcheck: INFO: Starting rootcheck scan. 2012/08/02 11:58:13 ossec-rootcheck: No rootcheck_files file configured. 2012/08/02 11:58:13 ossec-rootcheck: No rootcheck_trojans file configured. 2012/08/02 11:59:09 ossec-rootcheck: INFO: Ending rootcheck scan. 2012/08/02 12:04:09 ossec-rootcheck: INFO: Starting rootcheck scan. 2012/08/02 12:04:09 ossec-rootcheck: No rootcheck_files file configured. 2012/08/02 12:04:09 ossec-rootcheck: No rootcheck_trojans file configured Obviously I saw all it is configure in the merge.pg file. Do we need to sym link it to ossec.conf file? > > > -- > Steve Kieu > -- Steve Kieu