Hi,
I have 5 windows server 2008 and they booting the same image. How can I use
OSSEC for them? Installing it one the image makes no sense in my view. I
know there is an option to use remote monitoring with ossec. Where can I
find the needed keys in the windows system?
Best Regards
Werner
--
On Fri, Sep 15, 2017 at 3:03 AM, wrote:
> Hi,
> I have 5 windows server 2008 and they booting the same image. How can I use
> OSSEC for them? Installing it one the image makes no sense in my view. I
> know there is an option to use remote monitoring with ossec. Where can I
> find the needed keys
Hi. Sorry for the bad explantation.
It's a provisioning concept. I have an image on a storage, servers take
this image. That's why all have the same installation - all have the same
ossec keys. That's my problem.
Best Regards
Am Freitag, 15. September 2017 14:09:08 UTC+2 schrieb dan (ddpbsd)
I turned them OFF this way.
I am assuming you can declare just these options with no logging location
and you will have the reverse of my config
yes
no
no
yes
no
no
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_CONFIG
HKE
