Re: [ossec-list] Parsing OSSEC XML Rules

2016-07-20 Thread Pedro Sanchez
Hi Dave, thanks for sharing your conclusions with us, let me answer you each point. *"convert the OSSEC/WAZUH rules to a MySQL database table"* In case it helps, I think OSSEC already inserts each rule into a MySQL database, I can't try it out right now but you can see in the links below the MySQL

Re: [ossec-list] Irregular Agent Activity in OSSEC agents

2016-07-20 Thread eyal gershon
Hey Eero, From examining the server - Both disk speed and network should not be a problem, but I did notice a shortage of Available RAM (around 300 MB left). I'll make the changes tomorrow and add more RAM and update if it was the case. On Wednesday, July 20, 2016 at 10:47:41 PM UTC+3, Eero Vol

[ossec-list] Parsing OSSEC XML Rules

2016-07-20 Thread Dave Stoddard
I am posting this to both the OSSEC and WAZUH mailing lists as this message applies to both. First, I want to express my appreciation for OSSEC and all of the work that the developers have put into this tool. I worked with a number of programs in the past to collect SIEM event data (Snare and

Re: [ossec-list] Irregular Agent Activity in OSSEC agents

2016-07-20 Thread Eero Volotinen
Are you running out of network or disk speed? Eero On 20.7.2016 10.39 PM, "eyal gershon" wrote: > Hey Jose, > > There was no update or upgrade done. > I performed the procedure you mentioned before but the results stayed the > same. > > I have around 1600 servers and 400 who do not connect. >

Re: [ossec-list] Irregular Agent Activity in OSSEC agents

2016-07-20 Thread eyal gershon
Hey Jose, There was no update or upgrade done. I performed the procedure you mentioned before but the results stayed the same. I have around 1600 servers and 400 who do not connect. Do you have any other idea on why this happens? Or anything else I can test? On Wed, Jul 20, 2016 at 6:03 PM, J

[ossec-list] Re: Random OSSEC Agents Offline

2016-07-20 Thread João Pedro Maia
I'd like to see answers for that as well, since I have a similar problem On Tuesday, July 19, 2016 11:13:50 UTC-3, Quintin Beukes wrote: > > Hi, > > A few days ago some of my OSSEC agents started going offline and stop > sending alerts, and then a long while after come back online a

Re: [ossec-list] Re: DB schema

2016-07-20 Thread dan (ddp)
On Wed, Jul 20, 2016 at 11:05 AM, Kumar G wrote: > Hi, Is there any harm in increasing the varchar in schema. I expect it > should be good to change, but not sure if this is defined anywhere in the > source code. > The source is open, you can check. You can also make the change in a testing envir

[ossec-list] Re: DB schema

2016-07-20 Thread Kumar G
Hi, Is there any harm in increasing the varchar in schema. I expect it should be good to change, but not sure if this is defined anywhere in the source code. On Tuesday, 19 July 2016 22:59:00 UTC+5:30, Kumar G wrote: > > Hi all, > > We have a requirement like increasing the description data t

Re: [ossec-list] Irregular Agent Activity in OSSEC agents

2016-07-20 Thread Jose Luis Ruiz
Hi Eyal, this is a familiar problem that we have come across in the past as well. The counter of the rids file can run out of sync, if the manager and the respective agent have troubles exchanging control messages. Have you perhaps reinstalled the manager or one of the agents recently? You

Re: [ossec-list] Agents going offline intermittently

2016-07-20 Thread dan (ddp)
On Tue, Jul 19, 2016 at 10:19 AM, Quintin Beukes wrote: > The logs on the agent show this: > 2016/07/19 16:18:27 ossec-agentd(4101): WARN: Waiting for server reply (not > started). Tried: 'ossec.jeoffice/10.10.12.171'. > 2016/07/19 16:18:29 ossec-agentd: INFO: Trying to connect to server > (ossec.

Re: [ossec-list] Custom rules to send email alerts about Chrome Remote Desktop events

2016-07-20 Thread dan (ddp)
On Mon, Jun 6, 2016 at 5:49 PM, Kevin Branch wrote: > The news about folks getting exploited via TeamViewer made me want to get > proactive notification whenever any of my systems get logged into via Chrome > Remote Desktop. These rules will send email alerts about failed and > successful logins

[ossec-list] Irregular Agent Activity in OSSEC agents

2016-07-20 Thread eyal gershon
Hey Everyone, I am noticing some irregular activity in some of my OSSEC agents - *A little bit about the system - * My Deployment is on 2000~ servers managed from a dedicated ossec manager. I currently have 1600~ agents connected on a full basis and 400~ servers who connect and disconnect all th

Re: [ossec-list] Solaris Compilation - Visibility

2016-07-20 Thread Eero Volotinen
Tried compiling ossec 2.8.3 under Solaris/x86 5.10 and it worked. Any of these messages are not errors, they are just warnings. Please provide complete output from compiling. Eero 2016-07-19 22:28 GMT+03:00 Kumar Mg : > Hi, > > We also have the agent compilation issue on the Solaris platform wi