[ossec-list] Re: Wazuh-agent.exe
Yes, its working as expected. But also need how to uninstall in silent mode wazuh-agent-3.10.exe /S can u plese help me. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/4b0f1a6f-4f84-4071-8f21-57033f9ccaa9%40googlegroups.com.
[ossec-list] remote secure logging
Hello everyone,
Let's say I have a firewall that I want to configure to send it's logs to
my OSSEC server.
I know that I can simply configure my firewall to send logs to my OSSEC
server's IP and the ossec server like this:
syslog
{FIREWALL_IP}
The thing is that this is an insecure connection and the logs are being
sent unencrypted.
In OSSEC's documentation it states that there is also the
secure option that uses authentication and
encryption for the logs and receives logs at port 1514.
I set my firewall to send remote logs to OSSEC server's IP:1514 but I am
not seeing the logs at archives.logs (I check the traffic on 1514 port and
I indeed receive traffic from the firewall, although it's not logged)
So I guess that the whole "secure" thing to work needs some kind of
authentication as I stated before.
My question is how do I actually configure that? On the firewall, and on
the OSSEC server?
Any answers or suggestions are appreciated!
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ossec-list/dad13c7a-7c0e--ae04-46414f1ba62f%40googlegroups.com.
[ossec-list] Secure remote logging
Hello everyone, Let's say I have a firewall that I want to configure to send it's logs to my OSSEC server. I know that I can simply configure my firewall to send logs to my OSSEC server's IP and the ossec server like this: syslog 192.168.1.1 The thing is that this is an insecure connection and the logs are being sent unencrypted. In OSSEC's documentation it states that there is also the secure option that uses authentication and encryption for the logs and receives logs at port 1514. I set my firewall to send remote logs to OSSEC server's IP:1514 but I am not seeing the logs at archives.logs (I check the traffic on 1514 port and I indeed receive traffic from the firewall, although it's not logged) So I guess that the whole "secure" thing to work needs some kind of authentication as I stated before. My question is how do I actually configure that? On the firewall, and on the OSSEC server? Any answers or suggestions are appreciated! -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/30f766d7-4afd-4324-9603-be26cec47521%40googlegroups.com.
