On Fri, Oct 11, 2019 at 7:53 AM Prashanthi Soundarajan <prashanthid...@gmail.com> wrote: > > > >> >> All the samples are from the alerts you say you are getting emails >> for. The important alerts to look for are the ones you're not getting >> emails for. >> Assuming those exist in the alerts.log file, check your smtp server's >> mail logs. Perhaps it's discarding the messages or they aren't getting >> transferred properly? >> > > > No those alerts are not in alerts.log . For example if I test creating a new > file in the specified directory .. am not able to see logs in alert.log > so I guess there is less possibility for they aren't getting transferred > properly when it logs are not actually in alert.log
If they are not in the alerts.log file, then they won't get emailed. Do the new files you create show up in your syscheck database file? (/var/ossec/queue/syscheck/syscheck.db for the OSSEC server) -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/CAMyQvMoFH-NBVLMgUXk9UFkLTFgfqV49%2BSZqeCd%3D7MKpxWwzJQ%40mail.gmail.com.
