On Tue, Sep 26, 2017 at 12:41 PM, James Stallard
wrote:
> Help anyone:
> OK, I'm at a loss
> Running version:
> # ./ossec-analysisd -V
> OSSEC HIDS v2.8 - Trend Micro Inc.
> CentOS release 6.7 (Final)
> On AWS
>
> I've distributed the keys by hand via manage_agents
> and
On Mon, Sep 25, 2017 at 4:08 AM, Robert Necela wrote:
> Hello, I have message with character "`". But I can't write rule with such
> character. \. -> For anything not working and I can't find this character in
> \p -> ()*+,-.:;<=>?[]!"'#$%&|{} (punctuation characters)
>
>
On Sat, Sep 23, 2017 at 4:08 PM, wrote:
> Q1) Is the following searches will return the same results. SEARCH 1: ssh
> error SEARCH 2: ssh AND error. True or False
I think splunk's default search is an "OR," but it's been a while (and
of course my local install is acting
On Fri, Sep 22, 2017 at 6:22 PM, Kris Springer
wrote:
> Hi, I've got OSSEC agent v2.9.0 running on some Windows servers and clients
> of various versions and receive the default alerts through a Security Onion
> server. All is well from the defaults, but I'd like to
On Fri, Sep 22, 2017 at 12:11 PM, Leroy Tennison
wrote:
> Couldn't find anything about this in the archives, I started the agent and
> about 10 minutes later got an email with about 100 files listed as being
> new. The first 20 were in /usr/share/i18n/locales and I
On Fri, Sep 22, 2017 at 3:49 AM, Nico MT wrote:
> Hi all,
>
> I've been trying to create a decoder for the new version of TrendMicro,
> which is not supported by OSSEC or by Wazuh yet. The sample event I want to
> decode is like this:
>
> 2017 Sep 20 16:12:10 WinEvtLog:
Dan/Jeff - thanks for the quick response! I know this sounds like a rookie
problem, but I have run out of debugging tools:
In summary:
1) the pb. is with clients from other subnets,
2) I DO have connectivity via udp1514 *bi-directionally* (confirmed by nc)
- I don't think any other ports are
On Wed, Sep 27, 2017 at 10:11 AM, James Stallard
wrote:
> Dan/Jeff - thanks for the quick response! I know this sounds like a rookie
> problem, but I have run out of debugging tools:
>
> In summary:
> 1) the pb. is with clients from other subnets,
> 2) I DO have
I should have said that this was a new install, the start of the agent was
as a result of completing the installation.
On Wednesday, September 27, 2017 at 8:04:28 AM UTC-5, dan (ddpbsd) wrote:
>
> On Fri, Sep 22, 2017 at 12:11 PM, Leroy Tennison
> wrote:
> > Couldn't