Hi Team,
I have ossec server running in my infrastructure, we have two alert logic
servers which tests our infrastructure by doing brute force attack and all
kinds of attacks and ossec is sending lot of mail alerts, I want to drop
those alert mails if the attack is from those two server, how
Hi Could some one please guide me on how to write a rule to monitor for any
changes in the files from a specific folder.
this is what I tried
In ossec rules folder I added the below content in local_rules.xml file
rule id=100345 level=12
if_matched_groupsyscheck/if_matched_group
, 2015 at 2:10 PM, narendra reddy
narendrar...@gmail.com javascript: wrote:
Hi Team,
I have a send grid account which I use for sensu alerts and would like
to
use the same account for ossec mail alerts, however I am unable to input
user name and password in ossec.conf file, could
Hi Team,
I have a send grid account which I use for sensu alerts and would like to
use the same account for ossec mail alerts, however I am unable to input
user name and password in ossec.conf file, could some one please guide me
on how to add send grid account with smtp user name and
option for 021 as id, please guide me on how to reset the count.
--
Thanks and Regards,
Narendra Reddy .Alla
91-9620525522
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails from it, send
Hi Team,
I have deleted all the agents from ossec master and trying to add new
agents however the agent id count is not resetting i.e lets say I have
added 20 agents earlier and deleted them completely and now when I try add
new agent with id 001 it is not taking instead its only
blocks. will check the tcp
dumps now
On Tuesday, 10 February 2015 17:54:15 UTC+5:30, narendra reddy wrote:
Hi Team,
I have configured Ossec-hids-2.7 on one of my AWS instance which has 10.5
series ip, I am able to add 25+ agents from 10.5 series and tried adding
10.9 series agents however I am
yes when I installed the agent on 10.9 series machines, I am able to import
the key and start the ossec but server ui is not showing them.
On Tuesday, 10 February 2015 17:54:15 UTC+5:30, narendra reddy wrote:
Hi Team,
I have configured Ossec-hids-2.7 on one of my AWS instance which has
series from 10.5 and vice versa, all the
ports are open between 10.9 and 10.5 netblock.
Any possible reason for not able to get details from 10.9 series, please
help me.
--
Thanks and Regards,
Narendra Reddy .Alla
91-9620525522
--
Thanks and Regards,
Narendra Reddy .Alla
91-9620525522