this diff.
>
> On Thu, Dec 29, 2011 at 10:04 PM, helpmailinglist
>
> wrote:
> > Inside the section I have the following:
> > /usr/local/tmp > directories>
>
> > However, ossec does not report any /usr/local/tmp/*.txt in the file:
> > ossec/queue/syschec
Inside the section I have the following:
/usr/local/tmp
However, ossec does not report any /usr/local/tmp/*.txt in the file:
ossec/queue/syscheck/ ->syscheck.
ossec v2.6 is being used on the server/client side. Other extensions
(such as gz) and paths have been tried but with no luck.
Has anyone
A file integrity check is needed on archived files only. For
instance, /var/log/httpd/*.gz. How is this possible? And can the
rule(s) be set up on the ossec server rather than the clients?