On Mon, Sep 4, 2017 at 3:57 AM, Tirumala Raja Siriki
wrote:
> Hi Dan,
>
> The False positives are as follows,
>
> Rule 18138: The Account Name is one of our Associate account, and alert got
> triggered for this.
>
Hi Dan,
The False positives are as follows,
Rule 18138: The Account Name is one of our Associate account, and alert got
triggered for this.
--
** Alert
On Mon, Aug 28, 2017 at 2:25 AM, Tirumala Raja Siriki
wrote:
> Email levels are at enough priority, I am getting emails now after stopping
> alerting from RDP. I have multiple RDP where agent is installed and I get
> lot of false alerts from RDPs, for Authentication
Email levels are at enough priority, I am getting emails now after stopping
alerting from RDP. I have multiple RDP where agent is installed and I get
lot of false alerts from RDPs, for Authentication failure and Account
locked out.
On Thursday, August 24, 2017 at 6:07:05 PM UTC+5:30, dan
Hi Everyone,
I am running Ossec 2.8.3 version on Server as well as agents. I am not
getting any email alerts from Ossec Server(Suse Linux) for one of the agent
which is also running on Suse Linux.
I see alerts are getting logged in /var/ossec/logs/alerts/alerts.log file
but no emails