Moving the repeated_offenders to its own block did not work for me. I don't see
anything in the log on start either.
Is this feature confirmed as working? Just doesn't seem to have many docs for
it, would be a nice feature to use.
Jake
Sent using BlackBerry® from Orange
-Original Message--
I gave up on the wui.
Load splunk (free version is plenty ample) ... have it monitor your ossec
logs. Load the OSSEC splunkbase app ... fancy UI done.
/nick
On Tue, Dec 13, 2011 at 8:29 PM, dan (ddp) wrote:
> On Tue, Dec 13, 2011 at 12:35 PM, culley wrote:
> > Hi,
> >
> > I have read the d
Ok I have file permission configured correctly, I disabled SELinux add
it worked straight away.
So it's an SELinux issue but what do I need to do to make SELinux and
OSSEC-WUI work?
I know I should not use the WUI but for the moment and for other
people monitoring our systems it is the best solut
Daer dan
For my ossec this read log router Cisco device,
Yes, this is for my configure
/var/ossec/bin/ossec-control enable agentless
/var/ossec/agentless/register_host.sh add username@x.x.x.x [ip router]
sudo -u ossec ssh username@ x.x.x.x
this no use ossec manager, I have read from official m
