Hi Josh ,
The binary you've uploaded here is the same one that comes with OSSEC 2.8 .
I am using the same binary at the moment in our environment and the
subscription / bookmarks error remains the same as posted earlier in this
thread ..
Precisely the problem is on Agent 2.8 , eventchannel d
Yes, that pre-release binary does not appear to be working correctly with
eventchannel - I have a binary from early January in which eventchannel is
working correctly:
http://1drv.ms/1KtHRo8
However, if this is going to be used outside of a lab environment, you
should definitely compile from t
I haven't seen this directory fill up unless it cannot talk to the server
and even in that case it did not take much disk space
What kind of size are you seeing?
On Wednesday, August 19, 2015 at 10:51:26 AM UTC-4, Jamey B wrote:
>
> I'm making a CRON job to remove anything in the queue folder, w
>
> I accidentally deleted rids from server, and then got duplicate errors in
> client log.
>
So i made powershell script, which connects to the client computers, stops
ossec service, deletes files from client rids directory, and starts the
ossec service.
After that, i deleted rids from ossec
