Re: [ossec-list] Is there a way to send AGENT's ossec.log to syslog server using ryslog.conf

2019-03-25 Thread Scott R. Shinn
You could have ossec monitor ossec.log like it does with active-responses.log. You'd just have to write rules for it, or barring that turn on archives.log -Scott On Mon, 2019-03-25 at 08:02 -0400, dan (ddp) wrote: > On Fri, Mar 22, 2019 at 12:01 PM YoYo wrote: > > Hi All, > > > > We are

Re: [ossec-list] Updates rules and signatures

2017-06-14 Thread Scott R. Shinn
They're internal to the package *for the moment*, so when we release an OSSEC update the new rules come along with it. When you update to 2.9.1 it's going to update the rules along with it. Eventually we're going to break the more dynamic content (rules, decoders, etc) into a separate package.

RE: [ossec-list] Detecting changes to running processes ports

2010-08-26 Thread Scott R. Shinn
If you could send me your changes I can get those added into the main package too. -Scott On Thu, 2010-08-26 at 11:41 -0400, David Porcello wrote: Indeed I am. Specifically, here are the Atomic packages I installed: inotify-tools-3.11-1.el5.art.x86_64.rpm

[ossec-list] Release Announcement: OSSEC-HIDS 2.0 RPM packages for CentOS, RHEL, Fedora

2009-03-06 Thread Scott R. Shinn
This is an initial release of OSSEC-HIDS 2.0 from the [atomic] rpm repository for: * CentOS 4 * CentOS 5 * RHEL 4 * RHEL 5 * Fedora 4-10 available for both i386 and x86_64 platforms. The atomic yum repository is located at: http://www.atomicrocketturtle.com Short Installation instructions: