https://ossec-docs.readthedocs.org/en/latest/whatsnew/
https://ossec-docs.readthedocs.org/en/latest/manual/installation/updates.html
From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] On
Behalf Of treydock
Sent: Thursday, April 09, 2015 1:48 PM
To: ossec-list@googleg
I don't believe that this simple decoder doesn't work for my custom log:
<*decoder* name="fakeinc_custom">
<*prematch*>^Fakeinc:
for this log:
*Mar 26 10:56:36 small-VirtualBox small: Fakeinc: service for:
toto@10.0.0.2 Failed*After performing some test, i have
found that *program_n
I am on OSSEC 2.7.1 and wanted to upgrade to 2.8.1 and have found the link
for the release notes [1] does not work. Is there an alternative location
to find release notes and possibly steps necessary to perform an upgrade?
Thanks,
- Trey
[1]: http://www.ossec.net/files/ossec-hids-2.8-release-n
On Apr 9, 2015 1:55 PM, "Eero Volotinen" wrote:
>
> Please remove this spammer from mailinglist?
>
That's a great idea!
> --
> Eero
>
> 2015-04-09 19:23 GMT+03:00 saquib ansari
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscri
Please remove this spammer from mailinglist?
--
Eero
2015-04-09 19:23 GMT+03:00 saquib ansari :
> *
> NOTE: Only
> for W2 candidates*
>
>
> *Job Title:* ETL Developer
>
> *Location:* Woodlawn, MD
>
> *Duration:* 2+ years(extendable)
On Apr 9, 2015 1:36 PM, "LostInTheTubez" wrote:
>
> So... when does it become appropriate to ban this guy?
>
>
>
As soon as i get to a computer to do it. I'm having trouble figuring out
how to do it with my phone. I've turned the moderation back on because of
this asshole and the fact I don't hav
So… when does it become appropriate to ban this guy?
From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] On
Behalf Of saquib ansari
Sent: Thursday, April 09, 2015 9:45 AM
To: undisclosed-recipients:
Subject: [ossec-list] Urgent requirement:: WebSphere Administrator @ Wood
*
Note: Only for W2 candidates*
Hey there,
Greetings for the day, please have a look on the below requirement and if
interested then revert me back with your updated resume.
*Job Title:* WebSphere Administrator
*Location:* Woodlawn, MD
*Experience:* 11 years related
*Ed
*Note: Only for W2 candidates*
Hey there,
Greetings for the day, please have a look on the below requirement and if
interested then revert me back with your updated resume.
Job Title: DB2 DBA
Location: Woodlawn, MD
Experience: 11 years related experience
Education: BS d
*
NOTE: Only
for W2 candidates*
*Job Title:* ETL Developer
*Location:* Woodlawn, MD
*Duration:* 2+ years(extendable)
*Minimum Experience: * 5+ Years
*Required Education: * BA/BS Degree
*Job Description:*
We have an immediate
On Apr 9, 2015 6:20 AM, "Ricardo Perre" wrote:
>
> Thanks for you reply.
> Can you be more specific?
> What should i remove from that script? Should I read the code and figure
it out?
>
I'm not looking at the code right now, but i think the daemons are all
listed in a DAEMONS variable. Just remov
Thank you for your time* (not enough cofee yet)
On Thu, Apr 9, 2015 at 12:36 PM, Ricardo Perre wrote:
> Yes, done it and it works.
> Thank your for time.
>
> On Thu, Apr 9, 2015 at 12:35 PM, dan (ddp) wrote:
>
>>
>> On Apr 9, 2015 6:20 AM, "Ricardo Perre" wrote:
>> >
>> > Thanks for you reply.
Yes, done it and it works.
Thank your for time.
On Thu, Apr 9, 2015 at 12:35 PM, dan (ddp) wrote:
>
> On Apr 9, 2015 6:20 AM, "Ricardo Perre" wrote:
> >
> > Thanks for you reply.
> > Can you be more specific?
> > What should i remove from that script? Should I read the code and figure
> it out?
Done it, and syscheck does not start. Thank you both for your time.
Needless to say that to disable a feature one must edit code, its not how
it was supposed to work.
On Thu, Apr 9, 2015 at 12:24 PM, Matthias Fraidl wrote:
> On 04/09/2015 01:20 PM, Ricardo Perre wrote:
> > Thanks for you reply.
On 04/09/2015 01:20 PM, Ricardo Perre wrote:
> Thanks for you reply.
> Can you be more specific?
> What should i remove from that script? Should I read the code and figure it
> out?
have a look at the ${ossecdir}/bin/ossec-control script and remove the
ossec-syscheckd from DAEMONS and SDAEMONS def
Thanks for you reply.
Can you be more specific?
What should i remove from that script? Should I read the code and figure it
out?
On Thu, Apr 9, 2015 at 12:17 PM, dan (ddp) wrote:
>
> On Apr 9, 2015 6:06 AM, "Ricardo Perre" wrote:
> >
> > Hi,
> >
> > I've removed all syscheck configs from agent.
On Apr 9, 2015 6:06 AM, "Ricardo Perre" wrote:
>
> Hi,
>
> I've removed all syscheck configs from agent.conf (also from
ossec-agent.conf).
> My conf looks like this:
>
>
>
>
> syslog
> /var/log/messages
>
>
>
> syslog
> /var/log/secure
>
>
>
> syslog
> /v
On Apr 9, 2015 1:53 AM, "Network Infrastructure"
wrote:
>
> Hello sir!
>
> I would like to ask you how to configure log in archives.log to send
email to me or other users.
>
Ossec only sends emails for alerts.
>
> Thank!
>
> --
>
> ---
> You received this message because you are subscribed to th
Hi,
I've removed all syscheck configs from agent.conf (also from
ossec-agent.conf).
My conf looks like this:
syslog
/var/log/messages
syslog
/var/log/secure
syslog
/var/log/maillog
apache
/var/log/httpd/error_log
apache
/
19 matches
Mail list logo
