standard Linux text file
reader tools like less/cat/more/nano etc.
I have config files I have customised for CentOS/RHEL and also Windows 2008 R2;
if you want a copy, let me know.
Best Regards,
Max Williams
From: ossec-list@googlegroups.com [mailto:ossec-l...@googlegroups.com] On
Behalf Of Muraleedaran Kanapathy
Sent: 11 May 2010 15:24
To: ossec-list@googlegroups.com
Subject: RE: [ossec-list] RE: ossec for log analysis
Hi Max
Thanks again for the support
What I meant is how to view
Hi Muraleedaran,
You cannot browse all Windows events from the web interface; you can only view
Windows Events that have been triggered by a rule to generate an alert. Take a
look in this file on the ossec server:
osse_path/rules/msauth_rules.xml
You could write your own rule to generate alerts
Hi,
Does anyone know if there is any way I could achieve something like this?
<ignore>/var/syslog/*/*/*/%d</ignore>
Basically I want to ignore log files (which rotate file every hour and
directory every day) that are still being written to because they are
generating unwanted alerts. But I still want
for monitoring on both the server and the agents
already but I only get the email notifications for the server.
TIA and best regards,
Max Williams
, Max Williams max.willi...@mflow.com wrote:
Hi OSSEC List,
I am new to OSSEC. I have it running on a few Linux and Windows hosts with
more or less the default settings and I am very happy with it.
I notice that when I log in to the OSSEC server I immediately receive an
email notifying