Re: [ossec-list] Simple windows application text file log config?

Hi Tom, If you need to monitor a file (changes, permissions) you must to use syscheck . You *can't* know who made the change. In case you need to generate an alert according to each new line added to a file (event), you

Re: [ossec-list] Simple windows application text file log config?

On Wed, Jun 22, 2016 at 9:11 PM, Tom ONeil wrote: > Sorry for the slow response, finally slept for a decent length. > > > > We are getting everything from the Windows Event logs by default just fine > where they should be. > > Logall is grabbing everything else into

Re: [ossec-list] Simple windows application text file log config?

On Thursday, June 23, 2016 at 6:01:00 AM UTC-5, dan (ddpbsd) wrote: > > On Wed, Jun 22, 2016 at 9:11 PM, Tom ONeil > wrote: > > Sorry for the slow response, finally slept for a decent length. > > > > > > > > We are getting everything from the Windows Event logs by