Hi Dan,
If i add or delete file in a particular folder on windows agent desktop.
I want to see their addition or deletion log on server/manager side.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop
Hi All,
Can I monitor a particular folder on desktop of my windows agent.
If yes then how it can be done. Also I want to monitor a particular
drive(:C).
thanks...
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this g
thanks dan & Jesus Linares for your help
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visi
Hi,
I create custom decoder, /var/ossec/etc/local_decoder.xml as:
myapplication
^myapplication:
Entry of decoder in manager ossec.conf file as:
local_rules.xml
etc/decoder.xml
etc/local_decoder.xml
rules/plugins
when i run logtest command it show this:
/var/osse
HI,
How ossec manager reads decoder...?
Thanks..
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more opti
Hi All,
I am also facing the same problem.I am not getting alert of
creation/deletion of file from windows agent
to my manager(linux). Agent show connected and active, I only get alert
from agent(win) is agent start/restart/change in ossec.conf(agent).
To monitor D:\ drive, I have done the fo
Hi All,
I am also facing the same problem.I am not getting alert of
creation/deletion of file from windows agent
to my manager(linux). Agent show connected and active, I only get alert
from agent(win) is agent start/restart/change in ossec.conf(agent).
To monitor D:\ drive, I have done the fo
Hi All,
Anyone can help me in configuring oseec with ELK stack.
I don't know how to do it.
Thank's
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to os
Thanks Pedro, really appreciable.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://gr
Hi Dan,
I want know, how ossec manager found that agent is disconnected.
Not by " /var/ossec/bin/agent_control -lc " this command.
I mean by their connection(or communication).
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe
Hi Dan Problem has been resolved now.
Thanks for your help.
On Saturday, May 13, 2017 at 5:23:49 AM UTC+5:30, dan (ddpbsd) wrote:
>
> On Fri, May 12, 2017 at 4:45 AM, Akash Munjal > wrote:
> > Hi dan,
> >
> > Thanks for the response. I tried this, but problem rem
Hi dan,
Thanks for the response. I tried this, but problem remains same.
If you have another method to solve this please share.
Best Regards,
Akashdeep Munjal
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group a
Hi All,
I can not receive alert from this agent(ID:1024). When i check the status
it look like this.
Please help me out.
/var/ossec/bin/agent_control -i 1024
OSSEC HIDS agent_control. Agent information:
Agent ID: 1024
Agent Name: MMTC_UAT_APP1_X.X.X.X
IP address: any/any
Statu
13 matches
Mail list logo
