Re: [ossec-list] in solaris - does realtime check work?

2016-09-08 Thread Eero Volotinen
I think that realtime monitoring is not supported under solaris. eero On 8.9.2016 at 9.40 PM, "Stephen LuShing" wrote: > I install ossec in solaris and trying to check some directories so I setup > the following in ossec.conf > > > > check_all="yes">/etc,/usr/bin,/usr/sbin,/usr/sfw/bin

[ossec-list] in solaris - does realtime check work?

2016-09-08 Thread Stephen LuShing
I install ossec in solaris and trying to check some directories so I setup the following in ossec.conf /etc,/usr/bin,/usr/sbin,/usr/sfw/bin /bin,/sbin,/usr/ccs/bin yes When I started - I get the WARN message - will ossec check for it will be ignored. 2016/09/08 14:36:03 ossec-s

Re: [ossec-list] Not getting Active Response to work - reducing number of messages with integrity sum changes upon package update

2016-09-08 Thread Dominik
Getting back to this old issue I finally found time to do some more testing. My own script was apparently not called because the active-response was disabled for the commands "host-deny" and "firewall-drop" (or maybe one of them - I did not check). After enabling the two, it works. Not sur

[ossec-list] Active responses stopped working

2016-09-08 Thread Ole Jakob Skjelten
Hi, Having fiddled perhaps a bit too much with the setup of OSSEC, my active responses on my server stopped working last night, and I'm unable to pinpoint the problem. I unfortunately, even with debug enabled, see any errors in ossec.log, and I'm quite unsure how to go about debugging this. If

Re: [ossec-list] Problem with ossec-maild after upgrade from 2.8.3 to 2.9.0rc3

2016-09-08 Thread Dominik
On Thursday, 8 September 2016 14:45:44 UTC+2, dan (ddpbsd) wrote: > > On Thu, Sep 8, 2016 at 8:34 AM, Dominik > > wrote: > > Hi there, > > I just upgraded from OSSEC 2.8.3 to 2.9.0rc3. Since, I'm getting the > > following error: > > > > 2016/09/08 14:04:46 getaddrinfo: Name or service n

Re: [ossec-list] Problem with ossec-maild after upgrade from 2.8.3 to 2.9.0rc3

2016-09-08 Thread dan (ddp)
On Thu, Sep 8, 2016 at 8:34 AM, Dominik wrote: > Hi there, > I just upgraded from OSSEC 2.8.3 to 2.9.0rc3. Since, I'm getting the > following error: > > 2016/09/08 14:04:46 getaddrinfo: Name or service not known > 2016/09/08 14:04:46 ossec-maild(1223): ERROR: Error Sending email to > localhost (sm

[ossec-list] Problem with ossec-maild after upgrade from 2.8.3 to 2.9.0rc3

2016-09-08 Thread Dominik
Hi there, I just upgraded from OSSEC 2.8.3 to 2.9.0rc3. Since, I'm getting the following error: 2016/09/08 14:04:46 getaddrinfo: Name or service not known 2016/09/08 14:04:46 ossec-maild(1223): ERROR: Error Sending email to localhost (smtp server) The relevant configuration: yes l.

[ossec-list] Edit eventlog format

2016-09-08 Thread 'Stormgamer16' via ossec-list
Hi everyone! I've installed an ossec agent on a windows server. The server produces audit success events that look like this in the eventviewer: userinfo1 ipinfo2 domain info3 access important the installed ossec agent parses the events to the archives.log where they

[ossec-list] Re: Rule based on specific interval time

2016-09-08 Thread Francesco Raimondi
This is exactly what I was looking for! And I'm really sorry to have wasted your time, I should have read the documentation more carefully, since it's clearly explained there. Thanks! On Wednesday, 7 September 2016 20:02:11 UTC+2, Jesus Linares wrote: > > Hi, > > you could overwrite