On Mon, Jan 12, 2015 at 11:17 AM, <ch...@rhris.com> wrote: > Sadly no they did not. They just want notices if the files change. But to > log access to said files causes a infinite loop of alerts. >
How is this handled for other log files? > On Monday, January 12, 2015 at 9:55:48 AM UTC-6, dan (ddpbsd) wrote: >> >> On Mon, Jan 12, 2015 at 10:36 AM, Christopher Dangerfield >> <ch...@rhris.com> wrote: >> > After going through a security audit with my current employer something >> > came >> > up that I cannot figure out how to solve. No one online seems to have >> > ran >> > into this. The auditor wants us to log and alert access to the >> > /var/ossec/logs folder. I can do this, but every alert creates a log >> > change >> > thus creates another alert and log change, etc, etc, etc. Has anyone >> > ever >> > had to do this and cold help me? >> > >> >> Did the auditors have any suggestions? >> >> > -- >> > Chris >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> > Groups >> > "ossec-list" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> > an >> > email to ossec-list+...@googlegroups.com. >> > For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
