Hi
I'm using 2.8:
ossec-hids-2.8.1-47.el6.art.x86_64
ossec-hids-client-2.8.1-47.el6.art.x86_64
On Sep 21, 2014 12:31 PM, "dan (ddp)" wrote:
>
> On Sep 21, 2014 7:29 AM, wrote:
> >
> > Hi!
> >
> > I've seen this message from a number of machines in my ossec-hids
> monitoring group (all RHEL6.4/
What we do is move the DHCP files out to a different directory like C:\DHCP
and it works fine on 2008 and 2012.
On Tuesday, October 23, 2012 3:34:47 PM UTC-4, Brian Sims wrote:
>
> I see there is an MS DHCP parser, but I'm not having much success in
> getting it to work in a stable fashion.
On Sep 21, 2014 7:29 AM, wrote:
>
> Hi!
>
> I've seen this message from a number of machines in my ossec-hids
monitoring group (all RHEL6.4/6.5 VMs)
> Does anyone know what it means?
>
It's still a keepalive message that shouldn't be alerting. What version of
ossec are you using?
> OSSEC HIDS No
Hi!
I've seen this message from a number of machines in my ossec-hids
monitoring group (all RHEL6.4/6.5 VMs)
Does anyone know what it means?
OSSEC HIDS Notification.
2014 Sep 21 08:36:11
Received From: (services01.qrios.com) 192.168.2.40->ossec-keepalive
Rule: 1002 fired (level 2) -> "Unknown p
