Re: [ossec-list] ossec-maild tags

2014-03-17 Thread Gaurav Rajput 
Thanks,

Thanks a lot for your support, let me try this, i will get back to you 
people soon.
@Ryan...>>> yeah, sure i am waiting for that. please tag me "@x1b2j" on 
github.

On Saturday, 15 March 2014 03:22:27 UTC+5:30, Ryan Schulze wrote:
>
>  Hi,
>
> We had a similar requirement here. I just added an additional option to 
> the ossec.conf that get's added into the mail headers ("X-IDS-OSSEC: 
> $value") to be able to use that to sort the emails from the different 
> masters.
>
> I currently don't have a patch file with only that change (for stupid 
> reasons all our changes are currently lumped into one big patch file), but 
> If you can wait until next week I'm planning on having a look at git and 
> forks and all that fun. So I should, at the very least, have a patch file 
> or fork with that feature singled out.
>
> Ryan
>
>
> On 3/13/2014 2:01 AM, Gaurav Rajput wrote:
>  
> Hi,
>
> I have 3 different infrastructures (Development, Production and Testing), 
> running the same configuration (with same ip-address and subnet) and nodes. 
> I have 3 ossec-servers running. Each ossec-server is sending the mails to a 
> central gmail account.
>
> All I want is, to categorize the mails from each infrastructure. In other 
> words I want to tag the emails with Dev, Prod or Test. Is there any way to 
> do this, as I searched a lot in the configuration file ??? 
>
> Thanks.
>  -- 
>
> --- 
> You received this message because you are subscribed to the Google Groups 
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ossec-list+...@googlegroups.com .
> For more options, visit https://groups.google.com/d/optout.
>
>
>  

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ossec-list] ossec with nagios

2014-03-13 Thread Gaurav Rajput 
Hi,

I have an ossec-server along with a nagios-server. All i want, is to 
monitor the ossec-remoted from nagios. But the main problem is that, 
"ossec-remoted" uses UDP protocol, so it never echoes back. So how would I 
ensure that my ossec-server is up and running (with or without using 
nagios) ?

Also, i tried nagios-plugin "check_udp", but, while tackling the UDP, we 
must pass the "send string" and "expect string" as parameters to this 
command. I couldn't find any way to do this. I tried "netcat" too but its 
not giving me the desired result (as it was echoing the same thing for all 
UDP ports [0-65535]). So is there any specific string that i can send and 
receive some expected string ? ( I don't have enough time to open the code 
right now ).

Thanks.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ossec-list] ossec-maild tags

2014-03-13 Thread Gaurav Rajput 
Hi,

I have 3 different infrastructures (Development, Production and Testing), 
running the same configuration (with same ip-address and subnet) and nodes. 
I have 3 ossec-servers running. Each ossec-server is sending the mails to a 
central gmail account.

All I want is, to categorize the mails from each infrastructure. In other 
words I want to tag the emails with Dev, Prod or Test. Is there any way to 
do this, as I searched a lot in the configuration file ??? 

Thanks.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.