On Mon, Apr 8, 2019 at 2:34 PM Ian Brown wrote:
>
> Yeah, it's on a production server so I can't immediately upgrade that. I
> just did search for "ossec-maild" under releases and see that this has been
> touched quite a bit since my version. I'll push to get a newer version
> installed by ne
Yeah, it's on a production server so I can't immediately upgrade that. I
just did search for "ossec-maild" under releases and see that this has been
touched quite a bit since my version. I'll push to get a newer version
installed by next release. Thanks Dan!
On Monday, April 8, 2019 at 10:5
On Mon, Apr 8, 2019 at 10:13 AM Abid Raza
wrote:
>
> Team,
>
> I have recently installed an standalone OSSEC 3.2 Server and added my Active
> Directory servers as agents. I have also installed OSSEC AGent v3.2 or my
> Domain Controllers and started the agent service.
>
> I don't see any logs in
On Wed, Apr 3, 2019 at 10:53 AM wrote:
>
> Hi
>
> I have setup my OSSEC server and the OSSEC agents are sending logs to it
> successfully. The logs are being stored in the archives.log file with the
> hostname and the IP address of the agent. However any alerts/log events
> created by the OSS
On Mon, Apr 8, 2019 at 1:13 PM Ian Brown wrote:
>
> I'm trying to figure out why ossec is sometimes not emailing triggered 31122
> alerts.
>
> Here's a log entry in ossec's alerts log file:
>
>> ** Alert 1554150564.41683927: mail - web,accesslog,system_error,
>> 2019 Apr 01 20:29:24 us-web->/log
On Mon, Apr 8, 2019 at 1:18 PM Ian Brown wrote:
>
> Also, I'm aware of the email_maxperhour setting (12 seems low for a default
> setting?), however, as you can see in the alert info above, the alert was
> created a week ago and was never delivered.
>
> Is there a command to show the ossec email
Also, I'm aware of the email_maxperhour setting (12 seems low for a default
setting?), however, as you can see in the alert info above, the alert was
created a week ago and was never delivered.
Is there a command to show the ossec email queue, or a file/folder location
I can check?
Is there a
I'm trying to figure out why ossec is sometimes not emailing triggered
31122 alerts.
Here's a log entry in ossec's alerts log file:
** Alert 1554150564.41683927: mail - web,accesslog,system_error,
> 2019 Apr 01 20:29:24 us-web->/log/jetty/2019_04_01.request.log
> Rule: 31122 (level 5) -> 'Web s
Team,
I have recently installed an standalone OSSEC 3.2 Server and added my
Active Directory servers as agents. I have also installed OSSEC AGent v3.2
or my Domain Controllers and started the agent service.
I don't see any logs in the archive.log or ossec.log file. Furthermore,
When I run the