On Thu, Feb 16, 2017 at 11:57 AM, Eduardo Reichert Figueiredo
wrote:
> Hi all,
> i tested ossec with agents (windows) set ip 10.10.10.0/24, and alway
> computer within network response with your log (file integrity, evnt vwr).
> But, when i have alert of integrity file (syscheck) my alert not disp
Hi all,
i tested ossec with agents (windows) set ip 10.10.10.0/24, and alway
computer within network response with your log (file integrity, evnt vwr).
But, when i have alert of integrity file (syscheck) my alert not display
the hostname of windows and only dispaly name of agent before configured
Hi Nguyen,
Thanks for the digit meaning, in my experience, for Windows or Windows
desktop latest versions the digits have been replaced by the terms, but I
am not sure what Windows versions have digits or terms.
You could do the correlation at C level on OSSEC, maybe using a CDB List
(matching fo