Thank you for your answers.Now It triggers that rule 31152 normally.I was
overwrited the rule frequency in local rules and forgot that.Sorry for that
mistake.
On Thursday, 6 July 2017 23:37:55 UTC+3, Kazim Koybasi wrote:
>
> I added config below to etc/shared/agent.conf in ossec-server home
>
On Fri, Jul 7, 2017 at 4:15 AM, Kazim Koybasi wrote:
> Yes OSSEC mentioning about log files and says analyzing log file. I tried
> with apache log format and without logformat settings and results is
> same.What could be a workaround for that?
>
Provide a log sample of a
Hi Kazim,
- Review the ossec.log of your agent: is it monitoring the file? are
there errors?.
- The log file must exist before OSSEC is started.
- Try with the format "syslog".
- Copy some logs to /var/ossec/bin/ossec-logtest and check if an alert
would be generated.
Just
Yes OSSEC mentioning about log files and says analyzing log file. I tried
with apache log format and without logformat settings and results is
same.What could be a workaround for that?
On Thursday, 6 July 2017 23:37:55 UTC+3, Kazim Koybasi wrote:
>
> I added config below to
Thanks for quick response.
Server has running apache , I restarted apache it show log that it monitors
all apache config and I connect with my browser and made multple 404 error
codes from same server . default log level is 7 for ossec. OSSEC exact
configuration like below and my server hosts