On Sep 29, 2016 4:10 PM, "R0me0 ***" <knight....@gmail.com> wrote: > > Hello guys. > > I'm trying to use real monitoring. > > I have installed inotify-tools from OpenBSD packages > > Initially I guess something related with run_realtime.c and I point inotify.h path. > > But I still without be able to use Real monitoring with the follow error in ossec.conf > > ( OpenBSD - OSSEC AGENT ) > > ossec-syscheckd: WARN: Ignoring flag for real time monitoring on directory: '/etc/pf'. > > Anyone has this setup working ? Any directions will be really appreciated > > Thanks in advance, >
I spent some time messing with it awhile back, but never got it working. There are some Makefile changes you have to make, as well as possible src changes. > > > > -- > > --- > You received this message because you are subscribed to the Google Groups "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
