Re: [ossec-list] ossec-Maild CPU Usage 95% +

2020/04/01 12:54:01 ossec-maild [dns]: ERROR: connect() failed. 2020/04/01 12:54:01 ossec-maild: ERROR: DNS failure for smtpserver 2020/04/01 12:54:01 ossec-maild: ERROR: No socket. 2020/04/01 12:54:27 ossec-maild(1261): ERROR: Waiting for child process. ( status: 256). 2020/04/01 12:54:27

Re: [ossec-list] ossec-Maild CPU Usage 95% +

On Wed, Apr 1, 2020 at 12:58 PM SHADO wrote: > > Hi! > > Did a new install on Ubuntu 18.04 LTS and ossec-Maild is hogging the CPU. > > > ossecmPID 1 78 Mar31 ?07:34:06 /var/ossec/bin/ossec-maild > > > PID USERPRI NI VIRT RESSHR S CPU% MEM% TIME+ Command >

Re: [ossec-list] ossec-Maild CPU Usage 95% +

What is your mail server doing? Is that responding okay? You could try running ossec-maild in the foreground with the debug flag ( -d) to see if anything interesting appears. On Wed, Apr 1, 2020 at 9:58 AM SHADO wrote: > Hi! > > Did a new install on Ubuntu 18.04 LTS and ossec-Maild is hogging

[ossec-list] ossec-Maild High CPU Usage

Installed OSSEC on Ubuntu 18.04 LTS and just noticed that ossec-Maild is causing the CPU to experience high CPU usage. Restarting the service or rebooting the system only provides temporary for the CPU. Any suggestions on what to look would be appreciated. SHADO PID USER PRI NI VIRT

[ossec-list] ossec-Maild CPU Usage 95% +

Hi! Did a new install on Ubuntu 18.04 LTS and ossec-Maild is hogging the CPU. ossecmPID 1 78 Mar31 ?07:34:06 /var/ossec/bin/ossec-maild PID USERPRI NI VIRT RESSHR S CPU% MEM% TIME+ Command PID ossecm 20 0 24756

Re: [ossec-list] ossec-maild?

I did that all again, but added: $ sudo rm -rf /var/ossec/ Between the uninstall and reinstall. Then created my keygen and client.key files from scratch. and... Oh... Now I'm getting email alerts!!! Wohoo! Thanks so much for your help! On Monday, March 30, 2020 at 3:49:42 PM UTC-4,

Re: [ossec-list] ossec-maild?

This is progress, I now have ossec-maild running, but still no email and nothing from ossec in /var/log/mail.log. Here's what I did: $ sudo /var/ossec/bin/ossec-control stop $ sudo apt purge ossec-hids-agent $ sudo apt purge ossec-hids-server $ sudo apt install ossec-hids-server My old keygen

Re: [ossec-list] ossec-maild?

On Mon, Mar 30, 2020 at 2:11 PM Glen Peterson wrote: > > I installed on Ubuntu 18.04 with according to this: > https://www.ossec.net/downloads/#apt-automated-installation-on-ubuntu-and-debian > > I installed both agent and server. Specifically: > $ wget -q -O -

Re: [ossec-list] ossec-maild?

I installed on Ubuntu 18.04 with according to this: https://www.ossec.net/downloads/#apt-automated-installation-on-ubuntu-and-debian I installed both agent and server. Specifically: $ wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo bash $ sudo apt update $ sudo apt install

[ossec-list] ossec-maild?

Sorry to be dense. I just tried to post another message and don't see it in google groups. I'm noticing that other people have an ossec-maild, but I don't: $ sudo ls -l /var/ossec/bin/ total 1164 -r-xr-x--- 1 root ossec 149632 Mar 15 15:02 agent-auth -r-xr-x--- 1 root ossec 153728 Mar 15 15:02

Re: [ossec-list] ossec-maild(1223): ERROR: Error Sending email to 127.0.0.1 (smtp server)

On Nov 3, 2017 18:33, wrote: I am receiving the error: ossec-maild(1223): ERROR: Error Sending email to 127.0.0.1 (smtp server) postfix is working on my client. `echo 'message' | mail -s 'subject' recipi...@email.com` works as expected. I have changed smtp_relay

[ossec-list] ossec-maild(1223): ERROR: Error Sending email to 127.0.0.1 (smtp server)

I am receiving the error: ossec-maild(1223): ERROR: Error Sending email to 127.0.0.1 (smtp server) postfix is working on my client. `echo 'message' | mail -s 'subject' recipi...@email.com` works as expected. I have changed smtp_relay in my global config to localhost and 127.0.0.1 but neither

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

On Wed, Sep 28, 2016 at 11:37 AM, Laura Herrera wrote: > Hi Dan, > > Yes, thank you, i have been trying to get this working all day. > > I am running ossec on an ubuntu 14.04 server and i need to be able to email > alerts of course. > > I saw in a separate post that ossec

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

On Wed, Sep 28, 2016 at 12:56 PM, Laura Herrera wrote: > Hi Dan, > > Changing subject a bit, do you know if it's possible to have alerts in > ossec calling a script instead of sending an email directly? > Other than active response, no. > Ta > Laura > > > On Wednesday, 28

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

Hi Dan, Changing subject a bit, do you know if it's possible to have alerts in ossec calling a script instead of sending an email directly? Ta Laura On Wednesday, 28 September 2016 16:37:57 UTC+1, Laura Herrera wrote: > > Hi Dan, > > Yes, thank you, i have been trying to get this working all

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

Hi Dan, Yes, thank you, i have been trying to get this working all day. I am running ossec on an ubuntu 14.04 server and i need to be able to email alerts of course. I saw in a separate post that ossec actually needs smtp listening on the local server, and so i decided to use postfix as a

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

On Sep 28, 2016 6:42 AM, "Laura Herrera" wrote: > > Hi Theresa, > > Please can i ask how did you solve this problem? > If you're having issues, you could post details and we could try to help. > Thanks a lot, > Laura > > > On Monday, 6 July 2015 18:35:50 UTC+1, theresa

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

Hi Theresa, Please can i ask how did you solve this problem? Thanks a lot, Laura On Monday, 6 July 2015 18:35:50 UTC+1, theresa mic-snare wrote: > > OK, managed to fix this and face-palming myself > > i've tweaked the postfix config a bit, enabled the service and there we > go... >

Re: [ossec-list] ossec-maild Error Sending email to 127.0.0.1

Hi Theresa, Please could you explain how did you solve this? Might be an epic fail for you, but it might help others :) Thanks a lot Laura On Tuesday, 22 December 2015 10:53:55 UTC, theresa mic-snare wrote: > > *FACEPALM* > > problem solved.this is too embarrassing :((( > epic fail! > > Am

Re: [ossec-list] ossec-maild Error Sending email to 127.0.0.1

hmm it looks as so ossec-maild has a problem with my ssmtp ssmtp works fine, because it sent me an automated/generated email at 2:43 in the morning. i've set DEBUGGING=yes in the ssmtp.conf but the logs don't show any more info to debug what surprises me is that on netstat ssmtp isn't

Re: [ossec-list] ossec-maild Error Sending email to 127.0.0.1

*FACEPALM* problem solved.this is too embarrassing :((( epic fail! Am Dienstag, 22. Dezember 2015 10:54:45 UTC+1 schrieb theresa mic-snare: > > hmm it looks as so ossec-maild has a problem with my ssmtp > ssmtp works fine, because it sent me an automated/generated email at 2:43 > in the

Re: [ossec-list] ossec-maild Error Sending email to 127.0.0.1

On Sun, Dec 20, 2015 at 7:50 AM, theresa mic-snare wrote: > Hi everyone, > > today I've noticed a problem with the ossec-maild process. > The ossec.log keeps saying > > ossec-maild(1223): ERROR: Error Sending email to 127.0.0.1 (smtp server) > > Of course I started

[ossec-list] ossec-maild Error Sending email to 127.0.0.1

Hi everyone, today I've noticed a problem with the ossec-maild process. The ossec.log keeps saying ossec-maild(1223): ERROR: Error Sending email to 127.0.0.1 (smtp server) Of course I started troubleshooting the problem and tried to send several test-emails from the ossec master. I'm using

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

OK, managed to fix this and face-palming myself i've tweaked the postfix config a bit, enabled the service and there we go... ossec-maild is now officially sending out alerts to my email address. theresa happy :) Am Sonntag, 5. Juli 2015 14:02:29 UTC+2 schrieb Daniil Svetlov: Theresa,

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

Hi Daniil, thank you very much for the advice with enabling debug!! I've now looked into the ossec.log and it says: *2015/07/05 03:34:02 ossec-maild(1223): ERROR: Error Sending email to 127.0.0.1 (smtp server)* 2015/07/05 15:03:18 ossec-syscheckd: INFO: Starting syscheck scan. 2015/07/05

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

Theresa, try to issue command /var/ossec/bin/ossec-control enable debug. It will increase log verbosity. Then restart OSSEC, and check /var/ossec/log/ossec.log. Also after restart try to issue command ps aux | grep ossec, and check, that ossec-maild process is running. сб, 4 июля 2015 г. в 19:13,

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

Hi Daniil, I've already done that. The maillog doesn't show the mail being sent, but there isn't an error either. It seems that the ossec-maild isn't even relaying it to the local smtp mta (ssmtp) because as said before I can send out mails with mailx just fine. The ossec.log doesn't even

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

i've also tried disabling iptables, but that didn't help either... but then again i can send out emails with mailx just find, so i don't think it's iptables blocking anyway... any ideas? Am Samstag, 4. Juli 2015 16:41:47 UTC+2 schrieb theresa mic-snare: Hi Daniil, I've already done that.

Re: [ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

Hello, Theresa! First of all check spam folder in your gmail account. Probably gmail just in it mail from OSSEC, because they not look valid. If you use SMTP server on localhost, check logs of MTA. It must be in /var/log/maillog. пт, 3 июля 2015 г. в 19:19, theresa mic-snare

[ossec-list] ossec-maild not sending out any alerts (relaying through ssmtp)

hi ossec'ers, my problem is I can't send out any emails/alert notifications with the ossec-maild process. I'm relaying my emails through ssmtp, the configuration is valid because I'm able to send out mails to external addresses through mailx for instance. But for some reason OSSEC just

Re: [ossec-list] ossec-maild tags

On Thu, Mar 13, 2014 at 3:01 AM, Gaurav Rajput gx1...@gmail.com wrote: Hi, I have 3 different infrastructures (Development, Production and Testing), running the same configuration (with same ip-address and subnet) and nodes. I have 3 ossec-servers running. Each ossec-server is sending the

Re: [ossec-list] ossec-maild tags

Or you could change this file: https://github.com/ossec/ossec-hids/blob/master/src/os_maild/sendmail.c on each server and add something to SUBJECT so you can filter that out on gmail. I always have to change this file as my local mailserver is very strict about the HELOMSG and I have to change it

Re: [ossec-list] ossec-maild tags

Hi, We had a similar requirement here. I just added an additional option to the ossec.conf that get's added into the mail headers (X-IDS-OSSEC: $value) to be able to use that to sort the emails from the different masters. I currently don't have a patch file with only that change (for stupid

[ossec-list] ossec-maild tags

Hi, I have 3 different infrastructures (Development, Production and Testing), running the same configuration (with same ip-address and subnet) and nodes. I have 3 ossec-servers running. Each ossec-server is sending the mails to a central gmail account. All I want is, to categorize the mails

[ossec-list] Ossec-maild Failed to start

Hello Recently i keep getting when i try to start ossec-control start *Starting OSSEC HIDS v2.7.1 (by Trend Micro Inc.)...* *Started ossec-agentlessd...* *ossec-maild did not start correctly.* This is what i get from the log: *ossec-maild: DEBUG: Starting ...* *ssec-maild(2301): ERROR:

Re: [ossec-list] Ossec-maild Failed to start

On Fri, Jan 17, 2014 at 3:24 PM, Ian Martinez ian.marti...@gmail.com wrote: Hello Recently i keep getting when i try to start ossec-control start Starting OSSEC HIDS v2.7.1 (by Trend Micro Inc.)... Started ossec-agentlessd... ossec-maild did not start correctly. This is what i get from

Re: [ossec-list] Ossec-maild Failed to start

Thank you ill try that On Friday, January 17, 2014 2:27:27 PM UTC-6, dan (ddpbsd) wrote: On Fri, Jan 17, 2014 at 3:24 PM, Ian Martinez ian.ma...@gmail.comjavascript: wrote: Hello Recently i keep getting when i try to start ossec-control start Starting OSSEC HIDS v2.7.1 (by

[ossec-list] Ossec-maild failed to start

I recently got this error starting my ossec server # /var/ossec/bin/ossec-control start Starting OSSEC HIDS v2.7.1 (by Trend Micro Inc.)... Started ossec-agentlessd... ossec-maild did not start correctly. This is what i get from /var/ossec/logs/ossec.log ossec-maild(2301): ERROR: Definition not

[ossec-list] ossec-maild segfault

From /var/log/messages Jul 30 13:11:12 server name kernel: ossec-maild[10096]: segfault at rip 2add4f72322c rsp 7fff577262e0 error 4 Jul 30 13:11:32 server name kernel: ossec-maild[10097]: segfault at rip 2add4f72322c rsp 7fff577262e0 error 4 Jul

Re: [ossec-list] ossec-maild segfault

On Thu, Aug 1, 2013 at 7:52 AM, biciunas p...@biciunas.com wrote: From /var/log/messages Jul 30 13:11:12 server name kernel: ossec-maild[10096]: segfault at rip 2add4f72322c rsp 7fff577262e0 error 4 Jul 30 13:11:32 server name kernel: ossec-maild[10097]: segfault at

Re: [ossec-list] ossec-maild segfault

On Thursday, August 1, 2013 9:33:50 AM UTC-4, dan (ddpbsd) wrote: On Thu, Aug 1, 2013 at 7:52 AM, biciunas pa...@biciunas.com javascript: wrote: From /var/log/messages Jul 30 13:11:12 server name kernel: ossec-maild[10096]: segfault at rip 2add4f72322c rsp

Re: [ossec-list] ossec-maild version 2.4.1 dies frequently

Anything in the logs around the time of the crash? On Thu, Jun 24, 2010 at 2:05 PM, Gil Vidals gvid...@gmail.com wrote: After upgrading my server to OSSEC Version 2.4.1, the ossec-maild daemon dies frequently each day. Nothing else I am aware of in my system has changed. Is anyone else

[ossec-list] ossec-maild version 2.4.1 dies frequently

After upgrading my server to OSSEC Version 2.4.1, the ossec-maild daemon dies frequently each day. Nothing else I am aware of in my system has changed. Is anyone else experiencing ossec-maild dying? Is there a solution to this problem you are aware of? Thanks, Gil Vidals VM Racks - ESX Hosting