On Sat, Sep 19, 2015 at 10:42 AM, Kai Chung Lau wrote:
> I know Ossec supports PostgreSql and Mysql, but since MariaDb is the drop-in
> replacement for Mysql, can Ossec also work with Mariadb?
>
> I have tried recompiling Ossec but it doesn't work.
> [root@ju src]# make
On Tue, Sep 22, 2015 at 4:56 AM, Matt Hickie wrote:
> Running into an issue with ossec-remoted not running. Setup had been
> working for over a couple of months and now the remoted process just seems
> to die. This is running on AWS linux
>
> Enabled debug with gdb.
>
>
Never mind, I think I found it.
If anyone wants to test this out before I look into what else needs to
be done for a release, I'd really appreciate it:
https://github.com/ddpbsd/ossec-hids/tree/283
I guess I should see if my fix for hybrid mode was in 2.8.2 or just pre-2.9...
On Tue, Sep 22,
On Mon, Sep 21, 2015 at 10:30 AM, James DeLeon wrote:
> Hello,
>
>
> I have a single OSSEC Server and a single agent set up currently. I receive
> e-mail alerts when the agent is reset, and I see things like the following
> in alerts.log on the server:
>
>
> ** Alert
On Mon, Sep 21, 2015 at 6:09 PM, Brent Morris wrote:
> (I'm assuming it is fixed in 2.9) - sure! Compile and post the 2.9 client
> binaries on ossec.net with checksums, etc.
>
> Or would this create other issues?
>
The issue is finding the time to do a complete release.
Running into an issue with ossec-remoted not running. Setup had been
working for over a couple of months and now the remoted process just seems
to die. This is running on AWS linux
Enabled debug with gdb.
/var/ossec/bin/ossec-control enable debug
/var/ossec/bin/ossec-control restart
ran
Hello Group!
I'm using the Logstash / Kibana (as well as the OSSEC basic web interface).
In Kibana I use a table view to sort OSSEC events by number and this helps
zero in on suspicious events. While the basic web interface is fairly
featureless I found that going to the search screen and