Hello,
I am working on setting up OSSEC across our company and am running into an
error when trying to setup eventchannel logging. Has anyone run into this
or can provide direction to resolve this?
The error:
2014/03/20 12:44:56 ossec-agent(1235): ERROR: Invalid value for element
'log_format': eventchannel.
2014/03/20 12:44:56 ossec-agent(1202): ERROR: Configuration error at
'shared/agent.conf'. Exiting.
The Config:
<localfile>
<location>Microsoft-Windows-Diagnostics-Performance/Operational</location>
<log_format>eventchannel</log_format>
</localfile>
Both agent and server are 2.7.1:
SERVER:
Installed Packages
Name : ossec-hids
Arch : x86_64
Version : 2.7.1
Release : 37.el6.art
Size : 68 k
Repo : installed
>From repo : atomic
AGENT:
OSSEC HIDS agent_control. Agent information:
Agent ID: ###
Agent Name: #########
IP address: ##########
Status: Active
Operating system: Microsoft Windows 7 Business Edition Professional
Se..
Client version: OSSEC HIDS v2.7.1 / ############################
Last keep alive: Thu Mar 20 12:42:53 2014
Syscheck last started at: Thu Mar 20 12:43:55 2014
Rootcheck last started at: Thu Mar 20 12:44:31 2014
Any help would be appreciated.
Thanks
Reggie
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
