On Wed, Oct 9, 2013 at 3:56 AM, Michiel van Es wrote:
>
>
> Op donderdag 3 oktober 2013 15:44:49 UTC+2 schreef dan (ddpbsd):
>>
>> On Thu, Oct 3, 2013 at 9:13 AM, Michiel van Es
>> wrote:
>> >
>> >
>> > Op donderdag 3 oktober 2013 14:57:28 UTC+2 schreef dan (ddpbsd):
>> >>
>> >> On Thu, Oct 3, 20
Op donderdag 3 oktober 2013 15:44:49 UTC+2 schreef dan (ddpbsd):
>
> On Thu, Oct 3, 2013 at 9:13 AM, Michiel van Es
> >
> wrote:
> >
> >
> > Op donderdag 3 oktober 2013 14:57:28 UTC+2 schreef dan (ddpbsd):
> >>
> >> On Thu, Oct 3, 2013 at 4:26 AM, Michiel van Es
> >> wrote:
> >> > Is my
Ok, clear for me.
I want this to be on the agents so I have to create a template for all
agents with this settings.
Thanks!
2013/10/3 dan (ddp)
> On Thu, Oct 3, 2013 at 9:50 AM, Michiel van Es
> wrote:
> > But it is correct that I add the syscheck and realtime options to the
> agent
> > own o
On Thu, Oct 3, 2013 at 9:50 AM, Michiel van Es wrote:
> But it is correct that I add the syscheck and realtime options to the agent
> own ossec.conf and NOT on the server right?
>
That depends on where you want that setting to be applied. If you want
the agent to attempt these detections in real
But it is correct that I add the syscheck and realtime options to the agent
own ossec.conf and NOT on the server right?
2013/10/3 dan (ddp)
> On Thu, Oct 3, 2013 at 9:13 AM, Michiel van Es
> wrote:
> >
> >
> > Op donderdag 3 oktober 2013 14:57:28 UTC+2 schreef dan (ddpbsd):
> >>
> >> On Thu, O
On Thu, Oct 3, 2013 at 9:13 AM, Michiel van Es wrote:
>
>
> Op donderdag 3 oktober 2013 14:57:28 UTC+2 schreef dan (ddpbsd):
>>
>> On Thu, Oct 3, 2013 at 4:26 AM, Michiel van Es
>> wrote:
>> > Is my ossec.conf on the agents correct?
>> > tested again today after some days:
>> >
>>
>> As far as I
Op donderdag 3 oktober 2013 14:57:28 UTC+2 schreef dan (ddpbsd):
>
> On Thu, Oct 3, 2013 at 4:26 AM, Michiel van Es
> >
> wrote:
> > Is my ossec.conf on the agents correct?
> > tested again today after some days:
> >
>
> As far as I can tell it seems ok.
>
> > added an entry to /etc/hosts,
On Thu, Oct 3, 2013 at 4:26 AM, Michiel van Es wrote:
> Is my ossec.conf on the agents correct?
> tested again today after some days:
>
As far as I can tell it seems ok.
> added an entry to /etc/hosts, nothing is detected and alerted directly..
>
What do you mean by "alerted directly?"
>
> Op
Is my ossec.conf on the agents correct?
tested again today after some days:
added an entry to /etc/hosts, nothing is detected and alerted directly..
Op vrijdag 27 september 2013 15:50:18 UTC+2 schreef Michiel van Es:
>
> Hello, I have the following setup :
>
> 1 manager - OSSEC 2.7 64 bit tar.gz
I got it semi working but I am noticing that after I changed /etc/hosts
(for example) , the alert is available on the manager but when I change
/etc/resolv.conf directly after that it is not notified directly (some
delay).
Is this normal behaviour?
Op vrijdag 27 september 2013 15:50:18 UTC+2 sc
Sorry forgot to mention:
Servers running RHEL6 64 bit
Op vrijdag 27 september 2013 15:50:18 UTC+2 schreef Michiel van Es:
>
> Hello, I have the following setup :
>
> 1 manager - OSSEC 2.7 64 bit tar.gz manager install via script
> 2 agents - OSSEC 2.7 64 bit Atomic repo install
>
> I have change
11 matches
Mail list logo
