Greetings:
I'm having the same problem on a non VPS CentOS 5, 32-bit server.
2007/12/18 14:42:58 ossec-agentd(1218): Unable to send message to
server.
2007/12/18 14:42:58 ossec-agentd(1218): Unable to send message to
server.
2007/12/18 14:42:58 ossec-agentd(1218): Unable to send message to
Hi Martin,
Thanks for the additional information. I was able to reproduce the
behavior and fix the problem inside ossec. You
can try with the following package to see if the problem persists.
http://www.ossec.net/files/snapshots/ossec-hids-071218.tar.gz
The issue is that ossec tries to remove
Hi Denis,
Currently they are combined by an OR (if any one of them matches), but
now that you
mentioned it, I think I should change to AND.
Thanks,
--
Daniel B. Cid
dcid ( at ) ossec.net
On Dec 17, 2007 11:39 AM, Denis Shaposhnikov [EMAIL PROTECTED] wrote:
Hello,
From
Hi Peter,
It shouldn't make any different between running OSSEC on a real server
or on vmware, so I think
these problems are more related to network connectivity or some other issue.
Anyway, to troubleshoot ossec-maild, I would try first to send an
e-mail using telnet. From the
log, it says
Hi Kevin,
For your case, I would suggest using the strftime formats instead of
/*/**. Because the logs change everyday,
you need to tell ossec to keep following the day changes. An example would be:
localfile
log_formatsyslog/log_format
