Hi Dan,
Thanks.
Regards,
Marcos
On Tue, Jul 10, 2012 at 10:12 PM, dan (ddp) ddp...@gmail.com wrote:
On Sat, Jun 30, 2012 at 2:02 PM, Marcos Tang marcostang2...@yahoo.com
wrote:
Hi,
I have 2 questions about OSSEC and I want to know your answer.
Today, the syscheck_control -i 125 -f
Hi,
I have 2 questions about OSSEC and I want to know your answer.
Today, the syscheck_control -i 125 -f /usr/local/bin/test1 shows the following
results (See background information section below).
My understanding to the syscheck_conrol output is
(a) this file is initially added to the
Hi,
I find my OSSEC server keeps reporting a file is changed. I checked that
file check sum and timestamp and it has nothing change, as far as I can
tell.
When I try to see what is going on inside the file
/opt/ossec/queue/syscheck/(ossec_client) 172.30.XX.XXX - syscheck, I
find there are 2
From: dan (ddp) ddp...@gmail.com
To: ossec-list@googlegroups.com
Sent: Wednesday, February 29, 2012 7:03 PM
Subject: Re: [ossec-list] Can anyone explain the syntax of the file
/opt/ossec/queue/syscheck?
On Wed, Feb 29, 2012 at 12:55 AM, Marcos Tang marcos.t...@gmail.com wrote:
Hi,
I find my
Hi Dan,
Refer to my previous email, I have the following findings.
*
Output from the OSSEC server
*
[root@myserver ~]# /opt/ossec/bin/syscheck_control -i 049 -f
/opt/syslog-ng/conf/syslog-ng.conf
Integrity changes for agent 'myagent (049)
Hi OSSEC users and Dan
High-level background of my current setup:
- Several OSSEC servers are running on Solaris
- OSSEC agents are running on Solaris and reporting to the above OSSEC servers
- Running /opt/ossec/bin/agent_control -lc shows the agents are connecting to
the server
- File
Hi,
I have a question about the behavior of the frequency parameter inside the
agent.conf file.
Right now, the OSSEC agent has the agent.conf file with
frequency86400/frequency setup, or it will scan the files every 20 hours.
One observation from the OSSEC server is the timestamp of the
Hi,
I am deploying OSSEC to my working environment and I am having issue to add
OSSEC agents more than the default supported number.
I follow this URL
(http://www.ossec.net/doc/faq/unexpected.html?highlight=maximum#errors-when-dealing-with-multiple-agents)
and I re-compiled the OSSEC server