Re: [ossec-list] OSSEC_PCI_DSS_Guide for PCI DSS 3.1 (or 3.2)?

2017-01-26 Thread Pedro Sanchez
Hi Igor, There is no recent version of that document from Wazuh, but it is still valid and you can use it as a reference for how OSSEC can help you be in compliance with PCI DSS. We will update it as soon as we can (we are preparing a huge release right now, it keeps us busy every day). I

[ossec-list] How to automate configuration of OSSEC Agent on Windows?

2017-01-26 Thread Igor Gatis
I need to make OSSEC install fully automatic. Installation can be easily done with the /S flag to make it silent (https://chocolatey.org/packages/ossec-agent). My question now is: how do I set the server IP and agent key using the command line?

[ossec-list] Alerts generated despite level '0' rule being hit

2017-01-26 Thread Daniel B.
full_log: Files hidden inside directory '/var/lib/docker/aufs/mnt/545d04c068f0f7ce19361a94d1c43b0c6686a0dfdd45e1803ccee569acc1767b/usr/share/locale'.

[ossec-list] OSSEC_PCI_DSS_Guide for PCI DSS 3.1 (or 3.2)?

2017-01-26 Thread Igor Gatis
Hi, I found this doc from Wazuh which tells how OSSEC helps on PCI: https://wazuh.com/resources/OSSEC_PCI_DSS_Guide.pdf It refers to PCI DSS 3.0. Is there a doc similar to this for a more recent version of PCI DSS?

Re: [ossec-list] OSSEC agent on windows laptops that will be out of the network

2017-01-26 Thread Dave Stoddard
One solution to the connectivity issue is to install a VPN on all of the external devices and communicate with the OSSEC server using the VPN. This is what we do for our clients and it works without any issues. With regard to storing events, there is an older Windows event collector called

[ossec-list] Re: ossec-analysisd won't start, "could not create directory"

2017-01-26 Thread Kat
I'll write something up and submit it.
Kat
On Friday, January 13, 2017 at 1:28:42 PM UTC-6, Joel wrote:
> hi all,
>
> man, not having a good day.
>
> I was starting to run out of space on my / volume as a result of ossec
> logs piling up. i need to keep the logs, so i added a new drive (to

Re: [ossec-list] Re: ossec-analysisd won't start, "could not create directory"

2017-01-26 Thread dan (ddp)
On Wed, Jan 25, 2017 at 3:05 PM, Kat wrote:
> My bad - I should have explained "bind" a bit more. This is actually part
> of the FUSE filesystem (http://bindfs.org)
> You will need to install fuse utils and Userspace programs -- example:
>
> #yum search fuse
>