On Wed, Mar 30, 2016 at 5:36 AM, sandeep dubey wrote:
> Hi,
>
> Can I use third party email provider to send OSSEC emails? For example
> AWS's SES service.
>
I believe there was a recent thread on this exact topic.
On Wed, Mar 30, 2016 at 6:00 AM, sandeep dubey wrote:
> Yes, below is the rule and output for test -
>
> RULE :
>
> DENIED
> 1002
> profile="docker-default"
> IGNORE RULE
>
>
> TEST :
> root@ossec-cloud:/var/ossec/bin# ./ossec-logtest
> 2016/03/30 10:00:39
Yes, below is the rule and output for test -
RULE :
DENIED
1002
profile="docker-default"
IGNORE RULE
TEST :
root@ossec-cloud:/var/ossec/bin# ./ossec-logtest
2016/03/30 10:00:39 ossec-testrule: INFO: Reading local decoder file.
2016/03/30 10:00:39 ossec-testrule: INFO: Started (pid:
Thanks Pedro for quick reply.
Let me try at my setup, will update this thread if I fail to do so.
On Wed, Mar 30, 2016 at 3:19 PM, Pedro S wrote:
> You can set up on OSSEC any SMTP server and it will use it to send the
> emails, BUT OSSEC is not able to use SMTP
You can set up on OSSEC any SMTP server and it will use it to send the
emails, BUT OSSEC is not able to use SMTP authentication.
Amazon SES works with TLS authentication so... I don't think OSSEC
out-the-box can use Amazon SES.
Instead of that you can probably configure Amazon SES SMTP account
Hi,
Can I use third party email provider to send OSSEC emails? For example
AWS's SES service.
On Thu, Mar 24, 2016 at 3:27 PM, sandeep dubey
wrote:
> Thanks for the update.
> On 24-Mar-2016 3:09 PM, "dan (ddp)" wrote:
>
>>
>> On Mar 24, 2016 12:21
Thanks !
The solution given here worked!
Regards,
Bhuvanesh
On Thursday, March 3, 2016 at 11:49:28 PM UTC+5:30, Santiago Bassett wrote:
>
> Yes, it is possible. You need to use OSSEC logall option and have
> logstash/filebeat reading /var/ossec/logs/archives.log
>
> My advice is to use
Thanks Guys!!
The solution given here worked!
Regards,
Bhuvanesh
On Thursday, March 3, 2016 at 4:07:43 PM UTC+5:30, Pedro S wrote:
>
> Hi,
>
> If you need to forward to Elastic all the events (not only alerts), try to
> enable the option *yes* (available at Wazuh
> Fork
Hi Jose,
I got some help to sort out the different timestamps (format) and all log
types now use "Jan 27 09:41:01". You asked about the firewall, this
particular one is a Checkpoint currently running version R77.20.
The remaining question, that might be of interest to others on the path to
Hi
Thanks for answer, I try after 6 pm because now people are working and can
not reset the computer.
On Tuesday, 29 March 2016 at 22:51:25 UTC+2, Victor Fernandez
wrote:
>
> Hi.
>
> Have you added the original administrator and your own account to the
> "Administrators" group?
>
Did you run ossec-logtest to verify that your log triggers the rule just
created?
Try to run it and paste the log, if the rule 81 is not being fired
something went wrong with the rule creation.
On Wednesday, March 30, 2016 at 8:10:39 AM UTC+2, sandeep wrote:
>
> Hi Dan,
>
> Thanks for the
Hi Dan,
Thanks for the detailed step and rule. I tried the same and still getting
alert.
On 29-Mar-2016 9:07 PM, "dan (ddp)" wrote:
> On Tue, Mar 29, 2016 at 11:29 AM, sandeep dubey
> wrote:
> > Hi,
> >
> > I am getting this alert from all the hosts