Re: [ossec-list] Re: 2.8 - Active response on Windows agents not working ?
On Sat, 7 May 2016, Jacob Mcgrath wrote: Ok, let me know when it time for my guinea piging to start lol. The patched script should be useable now. Just download straight from github. Antonio Querubin e-mail: t...@lavanauts.org xmpp: antonioqueru...@gmail.com
[ossec-list] Re: 2.8 - Active response on Windows agents not working ?
Ok, let me know when it time for my guinea piging to start lol. On Wednesday, July 2, 2014 at 11:28:31 AM UTC-5, morgan cox wrote: > > Hi > > I cannot get active response to work > > how can I debug why active response on Windows agents is not working ? > > linux agents are fine - i.e drop/active response is working > > I have followed - > http://ossec-docs.readthedocs.org/en/latest/manual/ar/ar-windows.html > > when I use the command : - /var/ossec/bin/agent_control -b 2.3.4.5 -f > win_nullroute600 -u 002 > > it doesn''t block / add a route on the windows agent > > tried on Windows 2012/2008 both os's same result. > > How can I find out why ? > > regards > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ossec-list] ossec-syscheckd: INFO: (unix_domain) Maximum send buffer set to: '212992'. error and client not active
Hi ; my system also has 5 agent and 3 remote syslog agent. now not working 3 agent .i see inactive. but agent working and ossec.log i see : 2016/05/07 17:37:46 ossec-syscheckd: INFO: (unix_domain) Maximum send buffer set to: '212992'. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.