On Mon, Aug 28, 2017 at 2:25 AM, Tirumala Raja Siriki <tirumala.r...@opsveda.com> wrote: > Email levels are at enough priority, I am getting emails now after stopping > alerting from RDP. I have multiple RDP where agent is installed and I get > lot of false alerts from RDPs, for Authentication failure and Account locked > out. >
If you're seeing false positives, it would be great if you reported them. We could fix them (or they have been fixed in recent versions of OSSEC). > On Thursday, August 24, 2017 at 6:07:05 PM UTC+5:30, dan (ddpbsd) wrote: >> >> >> >> On Aug 24, 2017 8:31 AM, "Tirumala Raja Siriki" <tiruma...@opsveda.com> >> wrote: >> >> Hi Everyone, >> >> I am running Ossec 2.8.3 version on Server as well as agents. I am not >> getting any email alerts from Ossec Server(Suse Linux) for one of the agent >> which is also running on Suse Linux. >> I see alerts are getting logged in /var/ossec/logs/alerts/alerts.log file >> but no emails triggered. Other agents are working fine. >> I noticed Ossec Server has rsyslog running while Agent has syslog-ng. Is >> there any changes needs to be done for logging. >> >> Any help is appreciated. >> >> >> Are the alerts that this agent triggers high enough level to be semt via >> email? Are the alerts grouped with other alerts in a single email? >> >> >> >> Many Thanks >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "ossec-list" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ossec-list+...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. >> >> > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.