On Sat, Jul 19, 2014 at 10:59 AM, Darren Patterson
wrote:
>
> I'm not looking at the alerts - I'm only looking at the "syscheck -i" output
> for these systems. For other noise in this output, I adjusted the shared
> rules (/var/ossec/etc/shared/*). I don't see anything in
> /var/ossec/etc/shared
I'm not looking at the alerts - I'm only looking at the "syscheck -i"
output for these systems. For other noise in this output, I adjusted the
shared rules (/var/ossec/etc/*shared/*)*. I don't see anything in
/var/ossec/etc/*shared/* *that corresponds with this system audit message.
--
---
On Thu, Jul 17, 2014 at 4:34 PM, Darren Patterson
wrote:
> On 2.7.1 when running "./syscheck_control -i #" for my servers, recently I
> started seeing lots of messages:
>
> System Audit: File '/dev/.blkid.tab' present on /dev. Possible hidden file.
>
> Is there a way to suppress/ignore this?
>
Is
On 2.7.1 when running "./syscheck_control -i #" for my servers, recently I
started seeing lots of messages:
System Audit: File '/dev/.blkid.tab' present on /dev. Possible hidden file.
Is there a way to suppress/ignore this?
Thanks,
-darren
--
---
You received this message because you are su