RE: [ossec-list] Error when running "manage_agents" command

2010-07-24 Thread ddp...@gmail.com
You installed the binaries in the wrong location? When install.sh was run originally, was /opt/ossec entered as the location you'd like ossec to be installed in? The error message is pretty clear. The program expects to live in /var/ossec, but can't. -Original Message- From: Devendra Ag

Re : Re: Re : Re: Re : Re: [ossec-list] Rule for syscheck

2010-07-24 Thread Bob Sauvage
Yes of course! With this command: service ossec restart - Original Message - From: dan (ddp) Sent: 23.07.10 15:24 To: ossec-list@googlegroups.com Subject: Re: Re : Re: Re : Re: [ossec-list] Rule for syscheck On Tue, Jul 20, 2010 at 3:06 AM, Bob Sauvage wrote: > About the double b

Re: [ossec-list] Error when running "manage_agents" command

2010-07-24 Thread Jeremy Rossi
I did an agent install (using binary package under /opt/ossec directory on Red Hat Linux machine). I am getting following error when running "manage_agents" command. Any idea? # ./manage_agents 2010/07/23 16:07:40 manage_agents(1209): ERROR: Unable to chroot to directory: '/var/ossec'. As osse

Re: [ossec-list] ossec usage

2010-07-24 Thread Jason 'XenoPhage' Frisvold
On Jul 23, 2010, at 11:50 AM, Jeff Jennings wrote: > My goal is to use the features of ossec to identify and block dos attacks. > > They are coming in the form of http requests Right, but a given DOS attack can be aimed at a multitude of targets.. F

Re: [ossec-list] Ossec directory monitoring

2010-07-24 Thread Jason 'XenoPhage' Frisvold
On Jul 23, 2010, at 12:56 PM, Nikolaidis Fotis wrote: > Hello. > > Is it possible for ossec to monitor the logs of a directory without writing a > rule explicitly for every file ? > > For example i have > >DirA > DirB

RE: [ossec-list] Ossec directory monitoring

2010-07-24 Thread ddp...@gmail.com
Check the documentation (the localfile section of the general configuration options in the manual), there is a limited amount of globbing you can do in the localfile configs. -Original Message- From: Nikolaidis Fotis Sent: 07/23/2010 12:56:00 PM Subject: [ossec-list] Ossec directory mo

Re: [ossec-list] Snort and ossec

2010-07-24 Thread David ROBERT
Hi Matt, In which file does your system store your snort events? David http://blog.ombrepixel.com/

RE: [ossec-list] OSSEC Error messages

2010-07-24 Thread ddp...@gmail.com
Those are PHP errors, not ossec errors. It looks like they're from ossec-wui. It looks like the functions in the messages are getting the wrong arguments. You can look at the functions in the php documentation to see what they expect. -Original Message- From: Dave Sent: 07/23/2010 8:17

Re: [ossec-list] custom active response

2010-07-24 Thread Jeremy Rossi
--On July 23, 2010 11:00:21 AM -0700 reg wrote: I am trying to write a custom active response based upon the instructions here. http://www.ossec.net/wiki/Know_How:CustomActiveResponses To test, I copied this text exactly and ran it on the server no problem. However, I would like to have thi

Re: [ossec-list] SharePoint 2007 Connector

2010-07-24 Thread Michael Starks
On 07/23/2010 12:56 PM, uifjlh wrote: Has anyone looked at a "rule" for SharePoint 2007? There are some "special services" that SP has that I'd like to monitor. Thank you! jlh There are currently no Sharepoint rules, but feel free to submit some logs and someone may help to write a decoder

Re: [ossec-list] Error when running "manage_agents" command

2010-07-24 Thread Devendra Agrawal
I chose /opt/ossec as install directory. Why would it expect /var/ossec when there is no /var/ossec on this machine. Should try re-install? If yes, plz let me know of uninstall steps Thanks, Devendra On Jul 24, 2010, at 12:19 AM, "ddp...@gmail.com" wrote: You installed the binaries in