On Monday, November 16, 2015 at 8:28:27 AM UTC-5, Daniel Bray wrote:
>
> With the updated alert_by_email settings, this has stopped the email
> alerts. I see it hitting the WebUI as alert level 2, but no emails are
> coming in.
>
Unfortunately, with everything put back to the default
Hi, all. I'm at my wit's end here, so I'm hoping someone can help.
I've got OSSEC installed in a server/agent configuration. The server itself
works; I get email notifications from changes on it. The issue is that the
agents won't connect to the server. Both the agents and the server have
Hello,
I encounter the same problem as you.
Creating an empty file 'hostname-> syscheck-registry' for Linux agent.
Even if I delete it after a syscheck_update it is recreated.
Did you find a solution?
Thanks
On Wednesday, November 4, 2009 at 18:01:52 UTC+1, Alan Sparks wrote:
>
> I have a problem
On Mon, Nov 23, 2015 at 9:37 AM, chataigne cat wrote:
>
> Hello,
> I encounter the same problem as you.
> Creating an empty file 'hostname-> syscheck-registry' for Linux agent.
> Even if I delete it after a syscheck_update it is recreated.
> Did you find a solution?
> Thanks
>
On Sun, Nov 22, 2015 at 11:13 PM, wrote:
> Hi, all. I'm at my wit's end here, so I'm hoping someone can help.
>
>
> I've got OSSEC installed in a server/agent configuration. The server itself
> works; I get email notifications from changes on it. The issue is
Thanks Josh. I have started a new thread below:
https://groups.google.com/forum/#!topic/ossec-list/eAblb28kxA0
On Tuesday, November 17, 2015 at 7:09:00 AM UTC-5, DefensiveDepth wrote:
>
> Konrad,
>
> I apologize, but I won't get to testing this further until the weekend...
> Just wanted to
Hello,
I am having issues with decoding Sysmon-generated process creation logs and
alerting. I am using the decoder below:
https://github.com/defensivedepth/Sysmon_OSSEC/blob/master/Sysmon_OSSEC-Decoders.xml
I have also loaded the rules below:
Hi,
We are using HP ArcSight SIEM and looking to integrate OSSEC logs with that.
Regards
Vipin Hooda
On Friday, November 20, 2015 at 10:40:06 PM UTC+5:30, Santiago Bassett
wrote:
>
> What SIEM do you use? Are you looking for professional support?
>
> Best
>
>
>
> On Fri, Nov 20, 2015 at 8:22
This may be a stupid question, but when setting up public key auth for
devices to be monitored without an agent, if you set a passphrase for the
public key, when and how would this need to be entered?--only upon the
initial connection from OSSEC and the device to be monitored? Would this
need
I want to know if anyone knows how to send the Ossec logs to a server that
runs Solarwind. The server needs to be able to capture the logs to create
and send security reports.
Stephen LuShing
Hofstra University - Open System
125 Hofstra University
McEwen Hall - Room 208
Hempstead, NY
Hi Daniel, sorry for the late response.
I don't know for real what is happening with your alerts, but I'll keep
giving you some advice; we'll see if we can make this work.
Maild reads directly from alerts.log, searches for the "mail" flag and, if it is
present, sends the email; that means if your alerts is
Hello,
Hoping someone can help me.
New server install on RHEL 6 using source file ossec-hids-2.8.3.tar.gz, it
appears the very important daemon, ossec-analysisd, does not fully start,
thus preventing other processes from running. The log pasted below shows no
smoking gun. Debug has been
12 matches