On Saturday, January 5, 2019 at 11:20:21 AM UTC+5:30, dan (ddpbsd) wrote: > On Fri, Jan 4, 2019 at 5:54 PM ram sri <ramsr...@gmail.com> wrote: > > > > > .cmd files won’t run on linux, it’s a windows script. > > > > Yes, but how can i run script for windows machine? > > > > > > > > How do you have active response configured? > Same , i configured in ossec.conf (ossec server). > > > > Which active response command are you trying to run? > > I tried restart-ossec.cmd, firewall-drop.cmd, winroute-nul.cmd . These three > command trigger bt not action. as you said .cmd file won't run linux means > why ossec specified this example > https://ossec-docs.readthedocs.io/en/latest/manual/ar/ar-windows.html. please > give me a solution. > > > > Can you check the ownership and permissions of the script? > Initially i give file permission to execute the windows script(.cmd file). > > > > > I want to know, is the ossec active response is applicable for windows > machine(not windows agent) and linux machine ( i am not asking about ossec > server and ossec agent) . > > > > If you can write a script to remotely run the commands from an ossec agent on > a non-ossec agent system it can work. We don’t support running active reponse > on non-ossec systems. > > Okay.if i write a script for remotely execute command means we give that non-oesec agent system user credentials to remote script??? > > > > > Thanks, > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout.
-- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
