Hey,
can anybody tell me what the following line in ossec.log means:
ossec-remoted: INFO: Event count after '2': 1393713->1465256
(105%)
Kind regards,
Oscar
Hi everybody.
Is there a way to create a custom Decoder (or Rule) that matches the
name of the initial monitor log filename?
For exemple:
* I have an Ossec client that monitors a file /usr/local/jboss/server/
default/log/server.log configured as syslog file.
syslog
/usr/local/jboss/server/
Hi all,
I need to know if I can update an aging central server to 2.3 while
leaving the agents at 1.6. I haven't had a chance to read the book
through yet (wouldn't figured that's covered anyway), but I did find
mention of it in the list archive
(http://groups.google.com/group/ossec-list/browse_th
