Re: [ossec-list] Zlib Compile Errors

'C0nfus1i0n' via ossec-list Tue, 24 Feb 2015 01:25:43 -0800

I managed to get rid of the other error messages.  Now only the first few 
remain.  Here's my ossec.log:

2015/02/23 23:09:57 ossec-execd(1314): INFO: Shutdown received. Deleting 
responses.
2015/02/23 23:09:57 ossec-execd(1225): INFO: SIGNAL Received. Exit 
Cleaning...
2015/02/23 23:09:58 ossec-testrule: INFO: Reading local decoder file.
2015/02/23 23:09:58 ossec-testrule: INFO: Started (pid: 15869).
2015/02/23 23:09:58 ossec-execd: INFO: Started (pid: 15892).
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading local decoder file.
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'rules_config.xml'
2015/02/23 23:09:58 ossec-remoted: INFO: Started (pid: 15904).
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'pam_rules.xml'
2015/02/23 23:09:58 ossec-remoted: Remote syslog allowed from: '127.0.0.1'
2015/02/23 23:09:58 ossec-remoted: Remote syslog allowed from: 
'192.95.30.10'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'sshd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'telnetd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'syslog_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'arpwatch_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'symantec-av_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'symantec-ws_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'pix_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'named_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'smbd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'vsftpd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'pure-ftpd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'proftpd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'ms_ftpd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'ftpd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'hordeimp_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'roundcube_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'wordpress_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'cimserver_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'vpopmail_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'vmpop3d_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'courier_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'web_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'web_appsec_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'apache_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'nginx_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'php_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'mysql_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'postgresql_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'ids_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'squid_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'firewall_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'cisco-ios_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'netscreenfw_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'sonicwall_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'postfix_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'sendmail_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'imapd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'mailscanner_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'dovecot_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'ms-exchange_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'racoon_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'vpn_concentrator_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'spamd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'msauth_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'mcafee_av_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'trend-osce_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'ms-se_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'zeus_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'solaris_bsm_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'vmware_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'ms_dhcp_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'asterisk_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'ossec_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'attack_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'openbsd_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'clam_av_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'dropbear_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Reading rules file: 
'local_rules.xml'
2015/02/23 23:09:58 ossec-analysisd: INFO: Total rules enabled: '1310'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/mtab'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/mnttab'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/hosts.deny'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'/etc/mail/statistics'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/random-seed'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/adjtime'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/httpd/logs'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/utmpx'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/wtmpx'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/cups/certs'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: '/etc/dumpdates'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'/etc/svc/volatile'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/System32/LogFiles'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 'C:\WINDOWS/Debug'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/WindowsUpdate.log'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/iis6.log'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/system32/wbem/Logs'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/system32/wbem/Repository'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/Prefetch'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/PCHEALTH/HELPCTR/DataColl'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/SoftwareDistribution'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 'C:\WINDOWS/Temp'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/system32/config'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/system32/spool'
2015/02/23 23:09:58 ossec-analysisd: INFO: Ignoring file: 
'C:\WINDOWS/system32/CatRoot'
2015/02/23 23:10:01 ossec-syscheckd(1210): ERROR: Queue 
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
2015/02/23 23:10:01 ossec-rootcheck(1210): ERROR: Queue 
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
2015/02/23 23:10:07 ossec-logcollector(1210): ERROR: Queue 
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
2015/02/23 23:10:07 ossec-logcollector(1211): ERROR: Unable to access 
queue: '/var/ossec/queue/ossec/queue'. Giving up..
2015/02/23 23:10:09 ossec-syscheckd(1210): ERROR: Queue 
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
2015/02/23 23:10:09 ossec-rootcheck(1210): ERROR: Queue 
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
2015/02/23 23:10:22 ossec-syscheckd(1210): ERROR: Queue 
'/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'.
2015/02/23 23:10:22 ossec-rootcheck(1211): ERROR: Unable to access queue: 
'/var/ossec/queue/ossec/queue'. Giving up..

On Monday, February 23, 2015 at 9:48:45 PM UTC-5, C0nfus1i0n wrote:
>
> I restored from an even older backup and OSSEC is back, except i can't get 
> it to start.  Here's what happens when i restart its daemon:
>
> 2015/02/23 21:03:22 ossec-syscheckd(1210): ERROR: Queue 
> '/var/ossec/queue/ossec/
> queue' not accessible: 'Queue not found'.
> 2015/02/23 21:03:37 ossec-rootcheck(1210): ERROR: Queue 
> '/var/ossec/queue/ossec/
> queue' not accessible: 'No such file or directory'.
> 2015/02/23 21:03:48 ossec-syscheckd(1210): ERROR: Queue 
> '/var/ossec/queue/ossec/
> queue' not accessible: 'Queue not found'.
> 2015/02/23 21:04:03 ossec-rootcheck(1210): ERROR: Queue 
> '/var/ossec/queue/ossec/
> queue' not accessible: 'No such file or directory'.
>
> How do i fix that?
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Re: [ossec-list] Zlib Compile Errors

Reply via email to