Dear all,
Have any of you worked with an ossec server talking to ossec in OSSIM?
I send alert level ossec via syslog to rsyslog ossim but it is not working
because OSSIM uses a custom log with the tag AV in front of each log, so alerts from
the ossec server are not recognized by OSSIM.
I heard about ossec in hybrid mode.

On Wed, Nov 12, 2014 at 5:47 AM, Teddy Jayasaputra wrote:
> Dear all,
>
> Have any of you worked with an ossec server talking to ossec in OSSIM?
>
> I send alert level ossec via syslog to rsyslog ossim but it is not working because
> OSSIM uses a custom log with the tag AV in front of each log, so alerts from osse

On Sat, Nov 8, 2014 at 5:12 AM, Eero Volotinen wrote:
> Hi List,
>
> Looking for gpg signatures for ossec releases? Where can I download them?
>
It doesn't look like they're currently offered.
> --
> Eero

On Mon, Nov 10, 2014 at 4:02 AM, Chris H wrote:
> The only calls in the strace to alerts.log are these:
>
> sendto(4, "1:ossec-keepalive:--MARK--: no[;"..., 673, 0, NULL, 0) = 673
>
Are you sure 4 is a log file, and not the connection to the
ossec-remoted on the other end? I don't think there's e

2014-11-12 16:08 GMT+02:00 dan (ddp):
> On Sat, Nov 8, 2014 at 5:12 AM, Eero Volotinen
> wrote:
> > Hi List,
> >
> > Looking for gpg signatures for ossec releases? Where can I download them?
> >
>
> It doesn't look like they're currently offered.
>
So, is there any way to verify that source dis

On Wed, Nov 12, 2014 at 12:48 PM, Eero Volotinen wrote:
>
>
> 2014-11-12 16:08 GMT+02:00 dan (ddp) :
>>
>> On Sat, Nov 8, 2014 at 5:12 AM, Eero Volotinen
>> wrote:
>> > Hi List,
>> >
>> > Looking for gpg signatures for ossec releases? Where can I download
>> > them?
>> >
>>
>> It doesn't look lik

On Wed, Nov 12, 2014 at 11:49 AM, dan (ddp) wrote:
> On Mon, Nov 10, 2014 at 4:02 AM, Chris H wrote:
>> The only calls in the strace to alerts.log are these:
>>
>> sendto(4, "1:ossec-keepalive:--MARK--: no[;"..., 673, 0, NULL, 0) = 673
>>
>
> Are you sure 4 is a log file, and not the connection t

Hello Guys/Gals,
I have a new system up and running with OSSEC. Trying to get an agentless
deployment working and it is timing out right after a successful login. I
have tried the expect script with commands such as "pwd" and it always
times out. This happens for a few Linux hosts and a MAC

On Wed, Nov 12, 2014 at 3:02 PM, Jim Nofsinger wrote:
> Hello Guys/Gals,
>
> I have a new system up and running with OSSEC. Trying to get an agentless
> deployment working and it is timing out right after a successful login. I
> have tried the expect script with commands such as "pwd" and it alw