I have server installed and one agent. I am on Ubuntu 12.04
I have agent and server started.
ports 1515 and 1514 are open
on the server ran /var/ossec/bin/ossec-authd -p 1515 >/dev/null 2>&1 & and
have sskmanager keys installed. web ui is working as well. just no agents
on the agent I ran
By the way..this does not work per the online docs
/var/ossec/bin/ossec-authd -p 1515 >/dev/null 2>&1 &
I used /var/ossec/bin/ossec-authd -p 1515
On the server:
root@doXossecXsgXdevelopmentX1:/var/ossec/etc# /var/ossec/bin/ossec-authd
-p 1515
2014/02/18 02:32:22 ossec-authd: INFO: Started
I used pexpect in chef. Worked nice!
script "python_install_ossec" do
interpreter "python"
user "root"
cwd "/var"
code <<-PYCODE
import pexpect
import sys
child = pexpect.spawn ('/var/ossec-hids/install.sh')
child.logfile = sys.stdout
child.expect ('(en/br/cn/de/el/es/fr/hu/it/jp/nl/pl/ru/
I found something interesting
at http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html which
uses NRPE to swatch/grep the alerts.log logfile for specific alert levels
and display those in Nagios.
Op donderdag 6 februari 2014 10:28:58 UTC+1 schreef Chris H:
>
> could you do something w
Hi guys,
I have a question:
how often the /var/ossec/etc/shared folder gets replicated?
Which is the best way to force the replication in ALL of my agents?
Thanks!
Regards,
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe f
I need intrusion detection for a kiosk. The kiosks have either a Windows
7-64 bit or Vista 32-bit operating system.
The requirements are to scan the Windows directory, scan our application
program directory, send alerts and reports. The kiosk is not responsible
for scanning the network or any
Ossec is unlikely to help as it needs a Linux server to do anything.
--
James Pulver
CLASSE Computer Group
Cornell University
From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] On
Behalf Of Prof
Sent: Tuesday, February 18, 2014 11:16 AM
To: ossec-list@googlegroups.com
Subject
Greetings
I have OSSEC 2.7 server agent setup and have been trying to have the agent
ignore some specific directories.
So far the test cases have been successful, but im stuck on this in
particular -
Trying to ignore the directories -
/home/foo/foofoo/*/tmp
by * i mean all the directories u
On Tue, Feb 18, 2014 at 1:27 PM, Anuj AJ wrote:
> Greetings
>
> I have OSSEC 2.7 server agent setup and have been trying to have the agent
> ignore some specific directories.
> So far the test cases have been successful, but im stuck on this in
> particular -
>
> Trying to ignore the directories -
Was thinking the same, since some other permutations of '*' wasnt working
either.
Is there any other way i can accomplish what i seek ??
Would really appreciate the help.
Thanks
Anuj
On Tuesday, February 18, 2014 10:29:04 AM UTC-8, dan (ddpbsd) wrote:
>
> On Tue, Feb 18, 2014 at 1:27 PM, An
On Tue, Feb 18, 2014 at 2:06 PM, Anuj AJ wrote:
> Was thinking the same, since some other permutations of '*' wasnt working
> either.
>
> Is there any other way i can accomplish what i seek ??
> Would really appreciate the help.
>
^/home/smartbiz/
releases/DIR1/tmp
^/home/smartbiz/
releases/DIR2/
Oh .. sorry .. i wasnt clear ... the directories denoted by * get
dynamically added frequently (as you can see like releases).
^/home/smartbiz/releases/DIR1/tmp
^/home/smartbiz/releases/DIR2/tmp
..
..
So if there is any way that OSSEC can skip just the 'tmp' directories under
those directories
On Tue, Feb 18, 2014 at 2:15 PM, Anuj AJ wrote:
> Oh .. sorry .. i wasnt clear ... the directories denoted by * get
> dynamically added frequently (as you can see like releases).
>
> ^/home/smartbiz/releases/DIR1/tmp
> ^/home/smartbiz/releases/DIR2/tmp
> ..
> ..
>
> So if there is any way that OSS
Hello,
I am looking to get the ossec-authd to work with the following:
/var/ossec/bin/ossec-authd -p 1515. I am using the virtual appliance and
getting used to OSSEC as a whole. I would like to enable the automatic key
generation but running into this roadblock. I did install openssl-devel
On Tue, Feb 18, 2014 at 2:22 PM, Nick Bruno wrote:
> Hello,
>
> I am looking to get the ossec-authd to work with the following:
>
> /var/ossec/bin/ossec-authd -p 1515. I am using the virtual appliance and
> getting used to OSSEC as a whole. I would like to enable the automatic key
> generation b
15 matches
Mail list logo