Greetings.
Went through other information about managing centralized agent.conf
through ossec HID server.
It has successfully been able to update the agent.conf on the agents
(although it take sometime, which is fine)
Here is the problem -
This is my agent.conf -
<agent_config>
<syscheck>
<alert_new_files>yes</alert_new_files>
<!-- Directories to check (perform all possible verifications) -->
<directories check_all="yes">/home</directories>
<ignore type="sregex">.log$|.tmp</ignore>
<ignore>/etc/motd</ignore>
<ignore>/home/mysql</ignore>
<ignore>/home/mongodb</ignore>
<ignore>/home/backups</ignore>
</syscheck>
</agent_config>
The Ossec.conf on the AGENT is the generic conf that comes out of the box,
and im trying to push other requirements through agent.conf from the
server.
Although I do get alerts from ossec, about changes made to files / new
files added to the system on generic folders (through generic config) -
/etc , /sbin etc etc.
Iam not getting any changes from the /home folder from agents, about new
files added or files changed.
Help regarding this would be highly appreciated :)
Thanks
AJ
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
