Hello Miguelangel! I do not see any new rows regarding the agent-ossec.com (within the host active-response.log, only in the alerts.log).
Here's what you asked for from the ../etc/ossec.conf (server host) <command> <name>ossec-slack</name> <executable>ossec-slack.sh</executable> <expect></expect> <!-- no expect args required --> <timeout_allowed>no</timeout_allowed> </command> <active-response> <command>ossec-slack</command> <location>local</location> <level>7</level> </active-response> Kind regards, Fredrik Den måndag 22 maj 2017 kl. 16:47:54 UTC+2 skrev Miguelangel Freitas: > > Hi Fredrik, > > Can you see in logs/active-responses.log any new row regarding ( > agent-ossec.com)? > > Could you share <command></command> and > <active-response></active-response> from etc/ossec.conf regarding slack > notification?, > thanks. > > Regards, > > On Sun, May 21, 2017 at 4:18 PM, Fredrik Hilmersson < > f.hilm...@worldclearing.org <javascript:>> wrote: > >> I set up a OSSEC server along with an remote agent. The alert log file is >> populated with alerts regarding both the host and the agent. However, the >> integrated slack notification script only send reports regarding the host. >> The only difference within the log is how the hostnames are displayed, >> e.g., 2017-05-10, host-ossec.com.. and 2017-05-10, (agent-ossec.com). Is >> there anything i'm missing regarding my setup which causes the script to >> dismiss the agent alerts? Any tip or help is greatly appreciated. >> >> Kind regards, >> Fredrik >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "ossec-list" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ossec-list+...@googlegroups.com <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.