I have installed ossec server on linux mint client on win7.
After adding client and extracting key I started the windows client.
The client is now transmitting tto udp port 1514, however for some reason
the server is not replying.
The network connection is OK and pinging between machines works
Hi Chris,
i'm facing with the same issue that you were having here,
my current status is:
i'm abling to install the agents on the windows machine, copy the conf file
and create the agents on the server side.
i need your assistence with extracting the keys from the server side and
insert
Hi Eli,
What do the logs on the agent and those on the server show?
Pranav
On 10/15/13, Eli senditheredu...@gmail.com wrote:
I have installed ossec server on linux mint client on win7.
After adding client and extracting key I started the windows client.
The client is now transmitting tto
ossec.log says:
ERROR: Incorrectly formatted message from '4.4.4.3' (my agent ip)
Guess I should have looked here earlier.
How do I fix this?
Thanks
On Tuesday, 15 October 2013 13:27:02 UTC+3, Pranav Lal wrote:
Hi Eli,
What do the logs on the agent and those on the server show?
Pranav
Hi,
There is an error in the key that you are entering into the agent. I
had this happen to me the first time I ran ossec (2 weeks ago). Look
for characters like hard returns. I was lucky, that I spotted them
correctly.
Pranav
On 10/15/13, Eli senditheredu...@gmail.com wrote:
ossec.log says:
Thanks.
That did the trick.
What about the Unable to start OSSEC (check config) error?
How do I get rid of that?
On Tuesday, 15 October 2013 16:02:14 UTC+3, Pranav Lal wrote:
Hi,
There is an error in the key that you are entering into the agent. I
had this happen to me the first time I
Hello,
I am running OSSEC 2.7 and have been doing so successfully for a while
now, but overnight something happened and I'm missing something to fix it.
I am no longer getting email for events from the OSSEC server. Nothing has
changed on the Windows agents or the Ossec server. I have
On Tue, Oct 15, 2013 at 9:43 AM, Rhoads, Robert W.
rhoa...@ci.danville.va.us wrote:
Hello,
I am running OSSEC 2.7 and have been doing so successfully for a while
now, but overnight something happened and I’m missing something to “fix” it.
I am no longer getting email for events from
Yes I did, except for the compiling.
The compiled version of OSSEC from the repository came with maild.geoip=1
by default.
I configured ossec.conf the way you showed below and ossec.log does not
complain about the added XML-tags.
So I assume OSSEC understands the tags and it does show the 'Src
Hi!
I installed the default OSSEC SERVER 2.7.1-beta-1 on Debian 7.
This is my */var/ossec/etc/ossec.conf*:
[...]
syscheck
!-- Frequency that syscheck is executed - default to every 22 hours -
79200 --
frequency*300*/frequency
alert_new_filesyes/alert_new_files
!-- Directories
On Tue, Oct 15, 2013 at 2:10 PM, Cristiano Galdino
cristiano.gald...@gmail.com wrote:
Hi!
I installed the default OSSEC SERVER 2.7.1-beta-1 on Debian 7.
This is my /var/ossec/etc/ossec.conf:
[...]
syscheck
!-- Frequency that syscheck is executed - default to every 22 hours -
79200 --
Hi,
snip What about the Unable to start OSSEC (check config) error?
PL] I don't know.
Pranav
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Is there anyway to display the src_ip field as a hostname in the reports
generated by ossec-reportd.
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
13 matches
Mail list logo