[ossec-list] Solved: Re: ossec-analysisd out of memory

2016-10-07 Thread Thomas Unger
On Thursday, 24 September 2015 16:45:11 UTC+2, Thomas Unger wrote: > > Hello, > > I run ossec 2.8.1 compiled from source on a centos (el6 x64) 8GB Box quite > stable for over 2 years (incl prev. ossec versions). > Last week suddenly there was no processing of ale

[ossec-list] Re: ossec-analysisd out of memory

2016-10-07 Thread Thomas Unger
he problem was gone. On Thursday, 24 September 2015 16:45:11 UTC+2, Thomas Unger wrote: > > Hello, > > I run ossec 2.8.1 compiled from source on a centos (el6 x64) 8GB Box quite > stable for over 2 years (incl prev. ossec versions). > Last week suddenly there was no pro

[ossec-list] ossec-analysisd out of memory

2015-09-24 Thread Thomas Unger
Hello, I run ossec 2.8.1 compiled from source on a centos (el6 x64) 8GB Box quite stable for over 2 years (incl prev. ossec versions). Last week suddenly there was no processing of alerts. It turned out that ossec-analysisd was killed due to out of memory. Today it happened again and so I

Re: [ossec-list] Cannot restart the ossec agent with agent_control

2013-06-12 Thread Thomas Unger
At least on win32-clients, I had to enable active-response to use the restart-feature <active-response> <disabled>no</disabled> </active-response> On Wednesday, 12 June 2013 08:08:14 UTC+2, Macus wrote: Yes, the ossec-execd is running on both server and agent boxes. dan (ddpbsd)於

[ossec-list] is ossec really monitoring my apache log files

2013-05-23 Thread Thomas Unger
I found it useful to run a nessus-scan (web-app profile) against one of my servers. If you receive alerts by ossec then the log is really monitored. Regards, T.

[ossec-list] Re: Process old logs with OSSEC 2.7 + Splunk

2013-05-23 Thread Thomas Unger
Ok, it seems I can answer this now. After digging through the ossec-source it was confirmed that ossec-logtest uses the current time as alert-time. This is absolutely correct. Having the source code (thanks, ossec-devs), I had the chance to modify ossec-logtest to fetch the date/time from the

[ossec-list] Process old logs with OSSEC 2.7 + Splunk

2013-05-22 Thread Thomas Unger
Hello, I am new to ossec and splunk. First of all, the installation was quite straightforward thanks to the documentation found on the internet. I got the basic system up and running in only a few hours. Atm ossec resides on a centos-system sending alerts via syslog to splunk (W2k8R2). This all