I adjusted my rmem default and max and I still get send/receive errors. My
values are 16777216 and 26214400 (respectively). I think remoted isnt reading
the buffer fast enough to process.
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To
On 2014-05-13 9:18, BP9906 wrote:
I adjusted my rmem default and max and I still get send/receive
errors. My values are 16777216 and 26214400 (respectively). I think
remoted isnt reading the buffer fast enough to process.
This is what I have for an environment that bursts to maybe 1,000 EPS. I
On 2014-05-13 9:44, Darin Perusich wrote:
If you want reliable syslog retrieval I recommend you abandon using
OSSEC and use rsyslog with the RELP module enabled. Then if you want
to do post processing your logs looking for events use a tool 'sec',
simple event correlator, or splunk, or
On Tue, May 13, 2014 at 10:51 AM, Michael Starks
ossec-l...@michaelstarks.com wrote:
On 2014-05-13 9:44, Darin Perusich wrote:
If you want reliable syslog retrieval I recommend you abandon using
OSSEC and use rsyslog with the RELP module enabled. Then if you want
to do post processing your
https://lh4.googleusercontent.com/-pfoF5hylM_Y/U3CPVfQWEAI/AUE/rwFhp-o5Ve0/s1600/Untitled.png
hi everybody.
when i see the picture.I wonder how do you know certainly server get the
logs from agent. because it uses UDP port 1514 udp protocal never check
destination have recived packet
On Mon, May 12, 2014 at 5:10 AM, Nguyễn Văn Hớn honi...@gmail.com wrote:
hi everybody.
when i see the picture.I wonder how do you know certainly server get the
logs from agent. because it uses UDP port 1514 udp protocal never check
destination have recived packet when it send on network
I'm pretty sure OSSEC agent/servers send ACK messages when they receive a
message and also have a counter associated with what messages they've
sent/received. I've had network issues between my agent and servers and
once the connection is restored I see a large spike of messages as the
server
On 2014-05-12 8:39, Joshua Garnett wrote:
I'm pretty sure OSSEC agent/servers send ACK messages when they
receive a message and also have a counter associated with what
messages they've sent/received. I've had network issues between my
agent and servers and once the connection is restored I see
On 2014-05-12 4:10, Nguyễn Văn Hớn wrote:
[1]hi everybody.
when i see the picture.I wonder how do you know certainly server get
the logs from agent. because it uses UDP port 1514 udp protocal never
check destination have recived packet when it send on network
The short answer is you don't.
I also thought so very thankful for your help :)
Vào 21:19:00 UTC+7 Thứ hai, ngày 12 tháng năm năm 2014, Michael Starks đã
viết:
On 2014-05-12 4:10, Nguyễn Văn Hớn wrote:
[1]hi everybody.
when i see the picture.I wonder how do you know certainly server get
the logs from agent.
10 matches
Mail list logo