Hi Reggie,
Try updating your OSSEC server to the following version:
http://www.ossec.net/dcid/?p=118
It should fix your problem.
Thanks,
--
Daniel B. Cid
dcid ( at ) ossec.net
On Jan 18, 2008 5:14 PM, Reggie Griffin [EMAIL PROTECTED] wrote:
Ok, I got past the rules. I installed a default
Hi Pete,
I think your problem is really related to moving the ossec installs
around. To properly remove it,
just:
1-Stop the ossec processes
2-Remove the /var/ossec directory
3-Remove /etc/ossec-init.conf
As for syscheck, all its data is stored at /var/ossec/queue/syscheck.
So, if you remove
Hi Sherwin,
This could be easily integrated by reading the SDEE messages and forwarding them
via syslog (or writing to a file) for OSSEC. Any Perl guy in here
willing to take this job? :)
Thanks,
--
Daniel B. Cid
dcid ( at ) ossec.net
On Jan 21, 2008 12:15 AM, Sherwin P. William Abocejo
Sebastien,
Thank you for your reply. I got this link
http://search.cpan.org/~jminieri/Net-SDEE-0.01/lib/Net/SDEE.pm talking
about SDEE and providing some codes for programming. How this could be
integrated to OSSEC.
Hope you'll help us this issue.
Regards,
Sherwin
-Original Message-
Thanks Dan
removal instructions much appreciated.
Pete
On Mon, 2008-01-21 at 06:19 -0400, Daniel Cid wrote:
Hi Pete,
I think your problem is really related to moving the ossec installs
around. To properly remove it,
just:
1-Stop the ossec processes
2-Remove the /var/ossec
I'm trying to do a binary installation of OSSEC. I have the binaries
from a similar system (same operating system and architecture) in the
bin/ directory in the OSSEC package. I edited etc/preloaded-vars.conf
and set USER_BINARYINSTALL to y. When I run ./install.sh, however, I
get the following:
