Dear Dan,
For ossec-logtest, I just ran it like this: ./ossec-logtest? How
about syscheck, how do I run it? What will both of these scripts eventually
be doing? Do I need to run the rootcheck?
On Wednesday, September 4, 2013 9:38:07 PM UTC+8, dan (ddpbsd) wrote:
>
> On Tue, Sep 3, 2013 at 12:36 AM, frwa onto <[email protected]> wrote:
> > Hi All,
> > I just rebuilt and installed ossec on my CentOS 6.4 machine. So what
> > is the next step to be done, as this is an existing machine and I want to
> > check for any previous intrusion? I also want to get alerts on updates to my
> > local files or any new files created. I am sorry, I am very new to it.
> >
>
> You can use ossec-logtest to check old log files, and syscheck has a
> default configuration that can cover most needs. If you have custom
> locations that must be monitored, you should add them to the
> ossec.conf in the syscheck section.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
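
An ossec.conf fragment illustrating the advice quoted above about adding custom locations to the syscheck section. It is an added example, not taken from the thread or from the OSSEC project; the custom paths and the scan interval are hypothetical, and /var/ossec is assumed as the install prefix.

```xml
<!-- /var/ossec/etc/ossec.conf (assumed default install prefix) -->
<ossec_config>
  <syscheck>
    <!-- Full scan interval in seconds (6 hours; constructed value) -->
    <frequency>21600</frequency>

    <!-- Report files that appear after the baseline scan -->
    <alert_new_files>yes</alert_new_files>

    <!-- System locations: checksums, size, owner, group, permissions -->
    <directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
    <directories check_all="yes">/bin,/sbin</directories>

    <!-- Hypothetical custom locations, watched in real time;
         report_changes records a diff for text files -->
    <directories check_all="yes" realtime="yes" report_changes="yes">/srv/app/config</directories>
    <directories check_all="yes" realtime="yes">/var/www/html</directories>

    <!-- Noisy paths excluded from integrity checking -->
    <ignore>/etc/mtab</ignore>
    <ignore type="sregex">\.log$</ignore>
  </syscheck>
</ossec_config>

<!-- /var/ossec/rules/local_rules.xml
     The stock new-file rule 554 is level 0, so it raises no alert
     until it is overwritten with a higher level. -->
<group name="syscheck,">
  <rule id="554" level="7" overwrite="yes">
    <category>ossec</category>
    <decoded_as>syscheck_new_entry</decoded_as>
    <description>File added to the system.</description>
    <group>syscheck,</group>
  </rule>
</group>
```

After editing, `/var/ossec/bin/ossec-control restart` reloads the configuration, and old logs can be replayed through the rules with `cat /var/log/secure | /var/ossec/bin/ossec-logtest -a`. The first syscheck scan only records the baseline, so file changes made before installation are not reported by it.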