All,
I have tried to forward our Checkpoint logs to OSSEC, however I
cannot find the executable logger on the Windows box that stores our
logs. The command is:
fw log -ftnp fw.log | logger -t Checkpoint
Any ideas how I can accomplish this?

Hello,
On a very regular basis we get the following error:
I have verified connectivity between agent/server (udp_1514) as well
as ICMP to test. The agent just gets the timeout error in the log.
OSSEC HIDS Notification.
2009 Apr 07 11:38:29
Received From: ossec->ossec-monitord
Rule: 504 fired (lev

Hello all,
I was wondering if anyone knows any way to prepare for Windows updates.
If we know there are updates coming down, and we know the file names
and hashes of the files, can we prepare OSSEC to ignore these files or
something to that effect?
Thanks

Hello all,
Does anyone have a Windows configuration that is a little more tuned than
the default? I just installed it, and am getting alerts very often. I
assume there are Windows files/folders that are updated regularly and I need
to exclude them. Any other Windows tips?
Thanks