Hi,
You said there is "anything sensitive" but.. OSSEC process alerts coming
from Endpoints and all the info is security relevant so.. someone can use
alerts info (IP's, directories, files, hostnames) for malicious purposes.
Beside that, I don't think changing readable attributes will suppose a
Why do you need it 'world readable' ?
You just need to add the nagios user to the ossec group.
On Mon, Jun 27, 2016 at 1:33 PM, Tahir Hafiz wrote:
> The permissions on the alerts.log are thus:
> -rw-r- 2 ossec ossec 13949 Jun 27 17:07 alerts.log
>
>
> However, we need
The permissions on the alerts.log are thus:
-rw-r- 2 ossec ossec 13949 Jun 27 17:07 alerts.log
However, we need our Nagios nrpe agent (nagios user) to be able to read the
file and then alert depending on the level that we have set for it to parse
and alert on.
Can anyone think of any