I know this is an old thread but when I Googled, this was the top result, so I figured it would be okay to continue the discussion here.
I just received this today: OSSEC HIDS Notification. > 2019 Apr 04 12:31:45 > > Received From: server->ossec-keepalive > Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system." > Portion of the log(s): > > --MARK--: gnetT9ILb_p+LIy(PF!1*#11NrDK!XIzsNS@4[4nwCd7s^c7ou*NbMiO3'GH > /^oq!7KIjiWG;hVl-fATAla^fXx8QmY.]un5]fhT2lHU6KnfQ,Yyhghn3( > D2/JZ'4ughAo0,$P/,[mb;iZq3nxy*X2]WTU.rwezW6Ha]=?=*Z;97?H( > n4lM9vHz%J@a5^z!Po!KfrC-&8h?qO(*0.xEsmlOV-O8nvM2K5VP-F_pVJ > o@GaWaL)(3NM0QCitQ(n0wA3trcV_Y?c*FRI),9oir087,yI[kWd_- > 6iVr3=xk[i.L/*+8?.HhnWRMNMWd.LH3bLCmCZ@!q83obTEO/@V0&hgxb > Ubuntu 18.04 LTS dpkg -s ossec-hids-server Version: 3.2.0-6132bionic >From atomiccorp.com repo We're on an upgrade cadence and it looks like there's a 3.3.0-6515bionic package listed as an upgrade, however when I went to the website to check for a change log, it's showing 3.2 as the latest? Did this bug creep back in at some point and get fixed in 3.3.0, or does Dan still need help tracking this down? The system seems to be functioning fine -- nothing notable in dmesg or syslog. The server is mostly idle as we're just using for testing -- it's an m4.4xlarge instance in AWS. Uptime shows 51 days, and this is the first time I've received this from the instance. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.