Does anyone know if it is possible to run more than one configuration of
this, ie I'd like to scan hourly a couple of small directories for changes,
and scan the rest of the windows components once a day..
Thanks
Chris
On Wed, Aug 1, 2012 at 4:29 AM, Chris Billson wrote:
> Does anyone know if it is possible to run more than one configuration of
> this, ie I'd like to scan hourly a couple of small directories for changes,
> and scan the rest of the windows components once a day..
>
> Thanks
> Chris
I think it'd
Hi,
I'm a little bit lost, I have a central OSSEC Server and several agents
(Linux, Windows)
I want to monitor a specific exe file in Windows machines just the
executable not all the files in the directory. there is no registry keys
for this application.
My second question that really confuses me
Hi,
I'm monitoring a directory that contains application files and logs. I'd like
to ignore the logs. The filenames are in the format: blahblah.log.1 or
blahblah.log.22 (one or two digits indicating the day of the month.)
I thought that this might do it, but doesn't seem to be working:
.log
On Tue, Apr 9, 2013 at 12:35 PM, Iqbal Aroussi wrote:
> Hi,
>
> I'm a little bit lost, I have a central OSSEC Server and several agents
> (Linux, Windows)
> I want to monitor a specific exe file in Windows machines just the
> executable not all the files in the directory. there is no registry keys
Hi
On Tue, Apr 9, 2013 at 12:43 PM, dan (ddp) wrote:
> On Tue, Apr 9, 2013 at 12:35 PM, Iqbal Aroussi wrote:
> > Hi,
> >
> > I'm a little bit lost, I have a central OSSEC Server and several agents
> > (Linux, Windows)
> > I want to monitor a specific exe file in Windows machines just the
> > e
On Tue, Apr 9, 2013 at 12:54 PM, Iqbal Aroussi wrote:
> Hi
>
>
> On Tue, Apr 9, 2013 at 12:43 PM, dan (ddp) wrote:
>>
>> On Tue, Apr 9, 2013 at 12:35 PM, Iqbal Aroussi wrote:
>> > Hi,
>> >
>> > I'm a little bit lost, I have a central OSSEC Server and several agents
>> > (Linux, Windows)
>> > I w
Hi Dan,
Thank you so much for your clear and useful reply,
Best Regards
Iqbal Aroussi
514-627-0438
On Tue, Apr 9, 2013 at 1:00 PM, dan (ddp) wrote:
> On Tue, Apr 9, 2013 at 12:54 PM, Iqbal Aroussi wrote:
> > Hi
> >
> >
> > On Tue, Apr 9, 2013 at 12:43 PM, dan (ddp) wrote:
> >>
> >> On Tue,
The sregex syntax is VERY limited.
This explains the syntax: http://www.ossec.net/wiki/Know_How:Regex_Readme
On Tue, Aug 3, 2010 at 6:17 PM, Jefferson, Shawn
wrote:
> Hi,
>
> I’m monitoring a directory that contains application files and logs. I’d
> like to ignore the logs. The filenames are in
ough.
-Original Message-
From: ossec-list@googlegroups.com [mailto:ossec-l...@googlegroups.com] On
Behalf Of dan (ddp)
Sent: Tuesday, August 03, 2010 6:08 PM
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] File integrity checking ignore syntax
The sregex syntax is VERY limited.
This
ginal Message-
From: ossec-list@googlegroups.com [mailto:ossec-l...@googlegroups.com] On
Behalf Of dan (ddp) Sent: Tuesday, August 03, 2010 6:08 PM
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] File integrity checking ignore syntax
The sregex syntax is VERY limited.
This explains th
Of Jeremy Rossi
Sent: Thursday, August 05, 2010 7:10 AM
To: ossec-list@googlegroups.com
Subject: RE: [ossec-list] File integrity checking ignore syntax
> That page, which I've been to before is like the rest of the OSSEC
> documentation, sparse and not very clear. ;)
Please help us o
ssec-list@googlegroups.com
> Subject: RE: [ossec-list] File integrity checking ignore syntax
>
>> That page, which I've been to before is like the rest of the OSSEC
>> documentation, sparse and not very clear. ;)
>
> Please help us out, documentation is an on going effo
Hello,
The "OSSEC PCI Solution" pdf says that ossec can help with, among other
sections, section 10.5.
>From PCI:
"10.5.5 Use file-integrity monitoring or change-detection software on logs
to ensure that existing log data cannot be changed without generating alerts
(although new data being added
On Tue, Jun 22, 2010 at 2:46 PM, Richard Geddes wrote:
> Hello,
>
> The "OSSEC PCI Solution" pdf says that ossec can help with, among other
> sections, section 10.5.
>
> From PCI:
> "10.5.5 Use file-integrity monitoring or change-detection software on logs
> to ensure that existing log data cannot
Greetings from a prospective OSSEC user,
I've been looking for pointers on how to properly integrate OSSEC and
a configuration management system (beside
http://www.ossec.net/wiki/Integration_&_Deployment_with_cfengine),
before bitting the bullet and getting OSSEC deployed alongside bcfg2.
What par
16 matches
Mail list logo