I figured this out on my own and thought I would post a response in the
event someone else is confused as I was.
My Application and System Log data was being sent to the OSSEC server;
however, the server was configured as such that the events I was seeing
within the Window's Event Viewer were
On Nov 17, 2015 9:58 AM, "Mega Chip" wrote:
>
> Same problem here. Any solution in the last 6 years?
>
Not that i am aware of. You can submit an issue or code for this at
https://github.com/ossec/ossec-hids
Possible hack-ish solutions:
Stunnel
Ssh tunnel
Log to
Same problem here. Any solution in the last 6 years?
Am Donnerstag, 23. April 2009 11:20:55 UTC+2 schrieb ver...@neuestadt.ch:
>
>
> Hello
>
> we intend to to install OSSEC server in secure subnet and/but some Windows
> clients in the DMZ should be monitored.
> Our security policy is, that no
On Thu, 23 Apr 2009 11:20:55 +0200, ver...@neuestadt.ch wrote:
Hello
we intend to to install OSSEC server in secure subnet and/but some
Windows
clients in the DMZ should be monitored.
Our security policy is, that no host in the DMZ can establish a
connection
to the
secure subnet behind
I noticed this. There appears to be a memory leak with event log
monitoring. I commented that portion out of the config and haven't
had any memory problems.
To get the event logs off, I installed SNARE and had it forward them
to OSSEC. (or rather, to a syslog-ng separated file that the OSSEC
Yes, it is fixed already on the following snapshot:
http://www.ossec.net/files/snapshots/ossec-win32-080912.exe
We will soon release version 1.6.1 with those fixes.
Thanks,
--
Daniel B. Cid
dcid ( at ) ossec.net
On Tue, Sep 30, 2008 at 6:10 PM, [EMAIL PROTECTED] wrote:
I noticed this.
Hi,
I never tried ossec on Windows 2008 (or Vista), so I guess we don't
support it in there yet. I will have to get
a hold on these versions to add support for them...
Thanks,
--
Daniel B. Cid
dcid ( at ) ossec.net
On Mon, Apr 21, 2008 at 5:57 AM, Per Salomonsson
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote:
Has anyone implemented Ossec with windows firewall? Ossec on *Nix kicks A**
but how about windows?
I have OSSEC running on Windows servers that also have Windows Host
Firewalls running. OSSEC reads the logs and reports on multiple dropped
packets. I have a feeling
: Friday, February 08, 2008 5:08 PM
Subject: [ossec-list] Re: Ossec with Windows firewall?
I have it running on some Windows 2003 server (agent), but I have
problems when it goes to read my security log file, it just hangs for
some reason. I think Daniel may be releasing a patch
Yes, It is due to a resource pool leak in those versions. Upgrade to
1.3.
From: ossec-list@googlegroups.com [mailto:[EMAIL PROTECTED]
On Behalf Of Marco Supino
Sent: Wednesday, October 24, 2007 10:47 AM
To: ossec-list@googlegroups.com
Subject:
Marco Supino wrote:
Hi,
I am having a problem with Ossec running on windows, versions 1.1 and
1.2, the machine stops working after a few weeks,
Hello Marco,
I have these versions of OSSEC running on several Windows machines and
don't have these problems. Are you sure you don't have
Where can I find this info ? I couldn't find anything in the changelog
Marco.
From: ossec-list@googlegroups.com [mailto:[EMAIL PROTECTED]
On Behalf Of McClinton, Rick
Sent: Wednesday, October 24, 2007 17:05
To: ossec-list@googlegroups.com
Subject: [ossec-list] Re: Ossec on windows
@googlegroups.com
Subject: [ossec-list] Re: Ossec on windows
Yes, It is due to a resource pool leak in those versions. Upgrade to 1.3.
From: ossec-list@googlegroups.com [mailto:[EMAIL PROTECTED] On
Behalf Of Marco Supino
Sent: Wednesday
No, it only detects and sends notifications, no active-response.
-Original Message-
From: ossec-list@googlegroups.com [mailto:[EMAIL PROTECTED]
On
Behalf Of [EMAIL PROTECTED]
Sent: Wednesday, June 20, 2007 3:30 AM
To: ossec-list@googlegroups.com
Subject: [ossec-list] Ossec on
14 matches
Mail list logo