Thanks! I will use Nagios for monitoring, and/or correlate its events with
ossec.log (parse this log itself). And we will see the efficiency.
On Wednesday, February 1, 2017 at 14:22:19 UTC+1, dan (ddpbsd) wrote:
>
> On Wed, Feb 1, 2017 at 7:14 AM, Tibor Luth >
On Wed, Feb 1, 2017 at 7:14 AM, Tibor Luth wrote:
> Nothing at all. That's why I thought to monitor a command output. Primarily
> in the mentioned (ossec-server side) appliance. Thanks for the reply. (I haven't
> figured out any solution yet).
>
Well there should be alerts when an
Nothing at all. That's why I thought to monitor a command output. Primarily
in the mentioned (ossec-server side) appliance. Thanks for the reply. (I haven't
figured out any solution yet).
On Tuesday, January 31, 2017 at 15:23:00 UTC+1, dan (ddpbsd) wrote:
>
> On Mon, Jan 30, 2017 at
On Mon, Jan 30, 2017 at 9:14 AM, Tibor Luth wrote:
> Hi all!
>
> I have a few datasources sending remote syslog to an OSSIM appliance running
> Rsyslog (udp or tcp/514) and OSSEC server and local agent. First I would
> like to generate alerts or see in logs if a datasource
Hi all!
I have a few datasources sending remote syslog to an OSSIM appliance
running Rsyslog (udp or tcp/514) and OSSEC server and local agent. First I
would like to generate alerts or see in logs if a datasource (ossec-agents
also) lost connection or stopped logging... (eg. misconfiguration