subject:"Re\: \[ossec\-list\] ossec\-Maild CPU Usage 95% \+"

Re: [ossec-list] ossec-Maild CPU Usage 95% +

2020-04-01 Thread SHADO

2020/04/01 12:54:01 ossec-maild [dns]: ERROR: connect() failed.
2020/04/01 12:54:01 ossec-maild: ERROR: DNS failure for smtpserver 
2020/04/01 12:54:01 ossec-maild: ERROR: No socket. 
2020/04/01 12:54:27 ossec-maild(1261): ERROR: Waiting for child process. (
status: 256). 
2020/04/01 12:54:27 ossec-maild(1223): ERROR: Error Sending email to mail.
DOMAIN.com. (smtp server) 
2020/04/01 12:58:02 ossec-maild: DEBUG: Running OS_Sendmail() 
2020/04/01 12:59:06 ossec-maild [dns]: ERROR: connect() failed. 
2020/04/01 12:59:06 ossec-maild: ERROR: DNS failure for smtpserver 
2020/04/01 12:59:06 ossec-maild: ERROR: No socket.



Not sure if it was my late night fat fingers but somehow smtp.DOMAIN.com 
became mail.DOMAIN.com.


Changed it back to smtp.DOMAIN.com, restarted OSSEC and the CPU seems to be 
back to its normal utilization levels.


Thanks for the nudge to look at the logs.  Was feeling a little lazy after 
what seemed like a never ending day.


Stay Safe.



On Wednesday, April 1, 2020 at 1:16:25 PM UTC-4, dan (ddpbsd) wrote:

> On Wed, Apr 1, 2020 at 12:58 PM SHADO > 
> wrote: 
> > 
> > Hi! 
> > 
> > Did a new install on Ubuntu 18.04 LTS and ossec-Maild is hogging the 
> CPU. 
> > 
> > 
> > ossecmPID 1 78 Mar31 ?07:34:06 
> /var/ossec/bin/ossec-maild 
> > 
> > 
> >  PID USERPRI   NI  VIRT   RESSHR   S  CPU%  MEM%   TIME+ 
>  Command 
> > 
> > PID ossecm 20   0 24756  2768  2512 R 96.0  0.0  7h38:20 
> /var/ossec/bin/ossec-maild 
> > 
> > 
> > 
> > 
> > Have stopped and restart. 
> > 
> > 
> > Have rebooted. 
> > 
> > 
> > CPU is low until ossec-maild kicks off. 
> > 
> > 
>
> Which version of OSSEC? 
> Anything in the ossec.log on the server? 
>
>
> > 
> > Suggestions? 
> > 
> > 
> > Regards 
> > 
> > SHADO 
> > 
> > -- 
> > 
> > --- 
> > You received this message because you are subscribed to the Google 
> Groups "ossec-list" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to ossec...@googlegroups.com . 
> > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ossec-list/460a4b27-be7c-4c84-af3a-e1eaed037372%40googlegroups.com.
>  
>
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ossec-list/a4bff135-626a-4563-9db8-d2d16cd995bd%40googlegroups.com.

Re: [ossec-list] ossec-Maild CPU Usage 95% +

2020-04-01 Thread dan (ddp)

On Wed, Apr 1, 2020 at 12:58 PM SHADO  wrote:
>
> Hi!
>
> Did a new install on Ubuntu 18.04 LTS and ossec-Maild is hogging the CPU.
>
>
> ossecmPID 1 78 Mar31 ?07:34:06 /var/ossec/bin/ossec-maild
>
>
>  PID USERPRI   NI  VIRT   RESSHR   S  CPU%  MEM%   TIME+  Command
>
> PID ossecm 20   0 24756  2768  2512 R 96.0  0.0  7h38:20 
> /var/ossec/bin/ossec-maild
>
>
>
>
> Have stopped and restart.
>
>
> Have rebooted.
>
>
> CPU is low until ossec-maild kicks off.
>
>

Which version of OSSEC?
Anything in the ossec.log on the server?


>
> Suggestions?
>
>
> Regards
>
> SHADO
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups 
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ossec-list+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ossec-list/460a4b27-be7c-4c84-af3a-e1eaed037372%40googlegroups.com.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ossec-list/CAMyQvMpuPR8SPp8X-hh%3DKMfcXC5REXXh4F%2BQUzyAokrtqarwyQ%40mail.gmail.com.

Re: [ossec-list] ossec-Maild CPU Usage 95% +

2020-04-01 Thread Zach Vanderbilt

What is your mail server doing? Is that responding okay? You could try
running ossec-maild in the foreground with the debug flag ( -d) to see if
anything interesting appears.

On Wed, Apr 1, 2020 at 9:58 AM SHADO  wrote:

> Hi!
>
> Did a new install on Ubuntu 18.04 LTS and ossec-Maild is hogging the CPU.
>
>
> ossecmPID 1 78 Mar31 ?07:34:06 /var/ossec/bin/ossec-maild
>
>
>  PID USERPRI   NI  VIRT   RESSHR   S  CPU%  MEM%   TIME+
> Command
> PID ossecm 20   0 24756  2768  2512 R 96.0  0.0  7h38:20 /var/ossec/
> bin/ossec-maild
>
>
>
>
> Have stopped and restart.
>
>
> Have rebooted.
>
>
> CPU is low until ossec-maild kicks off.
>
>
>
> Suggestions?
>
>
> Regards
>
> SHADO
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ossec-list/460a4b27-be7c-4c84-af3a-e1eaed037372%40googlegroups.com
> 
> .
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ossec-list/CAPR9YNTK9nDkBL7xA%3D5U8er7nL%2BbHFdjbP62HNuxw3e5tvb9wg%40mail.gmail.com.

Re: [ossec-list] ossec-Maild CPU Usage 95% +

Re: [ossec-list] ossec-Maild CPU Usage 95% +

Re: [ossec-list] ossec-Maild CPU Usage 95% +

3 matches

Site Navigation

Mail list logo

Footer information