Can ossec agent be installed on a Red Hat Linux machine with no gcc?
Hello, I'm pasting next the decoder and file stuff for a proxy called
pound, I hope it helps and also could be considered to be added next
release:
Sample Logs:
Feb 15 16:06:30 serverca16 pound: bad request "OPTIONS /docs/ HTTP/1.1" from 200.28.130.166
Feb 15 13:29:44 serverca16 pound: bad heade
Hi,
I have a centralized syslog-ng server collecting logs from all DMZ servers.
I'd like to pass all this information to ossec 2.0.3 I've installed
on the same machine (FreeBSD 7.2-p4 amd64),
but syslog-ng prepends to every row 4 or 5 fields (date and hostname),
so that ossec is unable to apply sp
Hi,
I want to control any modification of log files. For this I have
introduced in the syscheck section of ossec.conf
/var/ossec/logs/archives/*/*
This works fine, but I want to avoid alerts about current day log
files. I have tried
/var/ossec/logs/archives/%Y/%b/ossec-archive-%d.log
but
Hi,
When starting ossec, no 1514 port is open and I see in my /var/log/messages
this error
Feb 22 12:03:02 s3cure kernel: [548043.787406] ossec-remoted[25511]: segfault at 99 ip 08062f01 sp bf8cc7c0 error 4 in ossec-remoted[8048000+3b000]
With gdb I get this output
GNU gdb