On Mon, Aug 28, 2017 at 12:17 AM, Ritu Soni <ritu.soni9...@gmail.com> wrote: >>> hey, > > I have added the rule in local_rules.xml file in way as in the > attached image.. > After adding the rule, i have restarted OSSEC services. But I get > the following errors: > Starting OSSEC HIDS v2.8.3 (by Trend Micro Inc.)... > Started ossec-dbd... > 2017/08/28 09:40:55 ossec-config(1501): ERROR: Invalid SMTP > Server: alt1.gmail-smtp-in.l.google.com. > 2017/08/28 09:40:55 ossec-config(1202): ERROR: Configuration error > at '/var/ossec/etc/ossec.conf'. Exiting. > 2017/08/28 09:40:55 ossec-maild(1202): ERROR: Configuration error > at '/var/ossec/etc/ossec.conf'. Exiting. > ossec-maild did not start correctly. > Did i miss anything? or any other command should have been used to > make that rule work? Please guide me to solve this problem.
That error has nothing to do with the rule you added. I think there's an issue with name resolution for maild, but I haven't looked into it yet. >> >> >> >> --- >> You received this message because you are subscribed to the Google Groups >> "ossec-list" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ossec-list+...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. >> >> > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.