Yes, same thing happened to me in the past and I think is a limitation in
the message size. I ended up changing the command, but I guess recompiling
would work too.
Best
On Fri, Jan 29, 2016 at 3:31 AM, q
wrote:
> Hello!
>
> i have a problem with a long
Hello!
i have a problem with a long output too.
i run netstat -tupln and got trancated output.
and i dont know how to avoid this.
On 29.01.2016 11:52, ZaNN wrote:
> Hi again,
>
> Anyone is monitoring iptables output? Anyone has faced the problem of
> a long command output?
>
> Thanks in
Hi again,
Anyone is monitoring iptables output? Anyone has faced the problem of a
long command output?
Thanks in advance
El miércoles, 27 de enero de 2016, 9:26:48 (UTC+1), ZaNN escribió:
>
> Hola Daniel,
>
> Yes, that was my first try. Problem was that the result of an iptables
> command was
Hola Daniel,
Yes, that was my first try. Problem was that the result of an iptables
command was too large and the content was truncated mostly of the time.
Therefore, it was triggering false positives.
Do you think of another way of perform an iptables -S check diff in real
time?
El
Yes, that would be an issue. Have you tried not sending the output to a
file and using the check_diff option on the rules itself?
You could do:
full_command
iptables -S
iptables_status
3600
And then write a rule to alert on changes:
530
ossec: output: