No.
On Nov 30, 2011 8:40 AM, Peter M Abraham peter.abra...@dynamicnet.net
wrote:
Good day everyone:
RE: http://dcid.me/2011/09/detecting-outdated-web-applications-with-ossec/
Is there a way for each agent that detects outdated web applications
that in addition to the email alert the ossec
You'll have to modify the code to run that. If you do, please forward the
changes.
On Nov 30, 2011 8:12 PM, Paul paul.christi...@gmail.com wrote:
Hi,
Rather than using email, I would like OSSEC to send it’s notifications
to a bash script which I wrote.
This script then publishes the message
I know this problem doesn't get covered very often on the list, so start
here :
http://devio.us/~ddp/ossec/docs/faq/unexpected.html#agent-won-t-connect-to-the-manager
On Nov 30, 2011 1:05 PM, Mark C mca...@live.com wrote:
How were you able to fix this? I'm getting the same errors on one of my
On 11/30/2011 08:32 PM, Kacper Wysocki wrote:
On Wed, Nov 30, 2011 at 5:13 PM, Katuncommon...@gmail.com wrote:
Ok this one has me stumped and I am not sure it can be done.
I have a dozen or so accounts using ssh keys. Pretty normal. I want to
set an alert only if one of these accounts
On Thu, Dec 1, 2011 at 2:51 PM, Dennis Golden
dgol...@golden-consulting.com wrote:
Why don't you setup sshd to ONLY accept the key and NOT the password?
isn't that a given? you want to have the option to login with a password.
the real question is whether this kind of rule will be useful in the
On Wed, Nov 30, 2011 at 3:23 PM, alsdks als...@gmail.com wrote:
Hello Dan,
Yes I run ossec-makelists (it said it did not need to be compiled)
It is like this
list/var/ossec/rules/trusted_ips/list
I don't know if this affects you since you put the full path in there,
but lists should take
Hi Dan:
It looks like the message for the /var/ossec/logs/alerts.log (and archives
in compressed format) is in /var/ossec/etc/shared/system_audit_rcl.txt
Do you know what I would have to change so that the agent name or agent id
or agent host name was included on the same line of the outdated