On Monday, June 18, 2018 at 8:02:51 AM UTC-4, dan (ddpbsd) wrote: > > On Fri, Jun 15, 2018 at 1:46 PM, <[email protected] > <javascript:>> wrote: > > I am new to OSSEC and have the server running and over 1000 agents > listed. > > the things that I am attempting to figure out are as follows > > > > 1) Of the over 1000 windows agents that are Active I never see any > alerts > > for them > > Are the agents able to successfully connect? Check an agent's > ossec.log to make sure. > > > 2) The OSSEC Server log has many alerts > > /var/ossec/logs/alerts/alerts.log? Are the alerts in there only from > the OSSEC server? I do see Microsoft-Windows-Security-Auditing log event > entries in the log file. Why are these not been reported in Atomic Secure > Linux Agent Window > > > 3) I am using Atomic Secured Linux and I would like to set up groups, > such > > as Production, Pre Production and etc > > > > Please feel free to let me know what to complete to see the windows > alerts. > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/d/optout. >
-- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
