Re: [ossec-list] Disable the ossec-agent for OS updates.

It will be great if you implement this. I'll wait with impatience. On Wednesday, May 31, 2017 at 8:22:24 PM UTC+3, Pedro Sanchez wrote: > > Great! Good to know its working! > > Thanks for coming back to tell us. > > I believe we will develop a easier way to do this on the future, something >

[ossec-list] OSSEC windows agent on non-English Windows

Hi, I haven't got group "Administrators" on my non-English Windows. Ossec-agent for Windows is trying to execute command: echo y|cacls * /T /G Administrators:f or: echo y|cacls . /T /G Administrators:f Installation ends with an error becouse group Administrators doesn't exist. I think that

[ossec-list] Re: Rule on server only for specific agents

Hi Tom, there is a rule option, , that should work for you. Alerts start this way: ** Alert 1488922301.778562: mail - ossec,syscheck,pci_dss_11.5, 2017 Mar 07 13:31:41 (myagent) 192.168.66.1->syscheck The text in red is the agent hostname, it has form "(name) IP". Another instance may be

[ossec-list] Rule on server only for specific agents

Is it possible specify in which agents you want certain rule enabled? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[ossec-list] [Freelance] Mission expert sécurité OSSEC / SPLUNK - Paris

Hello everyone ! I allow myself to post a mission opportunity. Context: Audit of the client's environment + accompaniment in the deployment of the chosen solution. Project: FIM migration study to switch the Tripwire client environment to an OSSEC solution. Stack: OSSEC, SPLUNK, Tipwire

Re: [ossec-list] ossec 2.9.0 - mysql problem

On Thu, Jun 1, 2017 at 5:39 AM, wrote: > Hi, > I installed OSSEC ver. 2.9.0. Server worked, but I can't compile ossec with > mysql support. > > This command doesn't work: > make TARGET=server DATABASE=mysql install > > I checked few *.c files and found that in

[ossec-list] Email Notification using msmtp..

I have configured msmtp # Set defaults. > defaults > # Enable or disable TLS/SSL encryption. > tls on > tls_starttls on > tls_trust_file /etc/ssl/certs/ca-certificates.crt > # Setup WP account's settings. > account el-notification > domain localhost > host smtp.mandrillapp.com > port 587 > auth

Re: [ossec-list] ossec 2.9.0 - mysql problem

Pull requests #1135 and #1136 created for this. Thanks for the report! On Fri, Jun 2, 2017 at 3:18 PM, dan (ddp) wrote: > On Thu, Jun 1, 2017 at 5:39 AM, wrote: >> Hi, >> I installed OSSEC ver. 2.9.0. Server worked, but I can't compile ossec with >>

Re: [ossec-list] Disable the ossec-agent for OS updates.

We have a pull request to allow for a whitelist of hashes to be stored in an sqlite database. I think Wazuh already has this feature. (https://github.com/ossec/ossec-hids/pull/1091) You could pre-populate it with the appropriate hashes before an upgrade. On Fri, Jun 2, 2017 at 3:45 AM,

Re: [ossec-list] OSSEC windows agent on non-English Windows

I have created pull request #1137. Thanks for researching that! On Fri, Jun 2, 2017 at 9:04 AM, wrote: > Hi, > > I haven't got group "Administrators" on my non-English Windows. > Ossec-agent for Windows is trying to execute command: > echo y|cacls * /T /G Administrators:f