Re: [ossec-list] OSSEC installation error cc: error trying to exec 'as': execvp

2015-11-20 Thread Edward
Hello Eero, here is the command to find what is the missing package: I run this on a working machine: rpm -qf $(which as) binutils-2.20.0-0.7.9 and yes, binutils wasn't installed on the machines with compiling errors. On Wednesday, November 18, 2015 at 7:30:15 PM UTC+1, Edward wrote: > > in c

[ossec-list] OSSEC Server Integration with SIEM

2015-11-20 Thread vipin
Hi Support, Need your help to understand, can we integrate the OSSEC server with SIEM solution. All events collected by OSSEC server will be forwarded to SIEM. Regards Vipin Hooda Mobile: 9582596577

Re: [ossec-list] OSSEC Server Integration with SIEM

2015-11-20 Thread Santiago Bassett
What SIEM do you use? Are you looking for professional support? Best On Fri, Nov 20, 2015 at 8:22 AM, wrote: > Hi Support, > > Need your help to understand, can we integrate the OSSEC server with SIEM > solution. All event collected by OSSEC server will be forwarded to SIEM. > > Regards > Vip

[ossec-list] Re: Windows Event ID 4625

2015-11-20 Thread Joshua Roback
I have a decoder that grabs the appropriate Account Name, but have come across another issue. Even if I am able to properly decode "user", my ossec alert.log does not correlate that to "user" unless it's in the expected location in the WinEvtLog header. Raw Log WinEvtLog: Security: AUDIT_SUC

Re: [ossec-list] Re: Windows Event ID 4625

2015-11-20 Thread Grant Leonard
We addressed this using an OSSIM plugin to read a different part of the alert log. Hope that helps, sir. Grant Leonard Castra Consulting, LLC 919-949-4002 On Fri, Nov 20, 2015 at 12:28 PM, Joshua Roback wrote: > I have a decoder that grabs the appropriate Account