On Aug 21, 2017 1:07 PM, "Ritu Soni" <ritu.soni9...@gmail.com> wrote:
Hey, When i perform any changes to xml files, ossec stopped working. should i use ''make" command for those changes to work or any other command after performing the changes ? You can run `ossec-logtest -t` to test your changes before reatarting ossec. If there are issues, it should display error messages. > On Monday, August 21, 2017 at 10:25:45 PM UTC+5:30, dan (ddpbsd) wrote: > > > > On Aug 21, 2017 12:54 PM, "Ritu Soni" <ritu.s...@gmail.com> wrote: > > hello, > I have installed OSSEC on UBUNTU server. > I want to perform changes in OSSEC rules, so that it can detect an attack > and display an alert like "DDOS Attack". > Is it possible to perform changes in rules of OSSEC using xml files? > What could be the possible method for this, please guide me. > > > Local additiona or changes to the rules can be done in > /var/ossec/rules/local_rules.xml > > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
