Sure, I want to know the minimal requisites to install OSSEC in a Linux
environment.
I want to probe file integrity monitoring function.
Thanks, regards.
De: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] En nombre
de Pedro S
Enviado el: martes, 26 de abril
On Wed, Apr 27, 2016 at 11:09 AM, sandeep wrote:
>
> Thanks Dan for the reply. So just to conclude, auto_ignore option cannot be
> used in the agent.conf and is only applicable to ossec.conf server/local
> installations right ?
>
Correct.
> --
>
> ---
> You received
Thanks Dan for the reply. So just to conclude, auto_ignore option cannot be
used in the agent.conf and is only applicable to ossec.conf server/local
installations right ?
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe
On Wed, Apr 27, 2016 at 10:54 AM, sandeep wrote:
> Hello All,
>
> We used the auto_ignore option in agent.conf file and when the OSSEC service
> was started on the agents it stopped monitoring the directories saying
> "syscheck is disabled" in the ossec.log file.
>
Hello All,
We used the *auto_ignore option in agent.conf* file and when the OSSEC
service was started on the agents it stopped monitoring the directories
saying *"syscheck is disabled"* in the ossec.log file.
2016/04/27 10:40:05 ossec-agent: Starting syscheckd thread.
2016/04/27 10:40:05
On Tue, Apr 26, 2016 at 3:12 PM, Dennis Golden
wrote:
> Over the past several years, I have submitted diff's for InstallServer.sh
> and InstallAgent.sh to make the users and group be in the range for system
> users/groups.
>
> I use openSUSE that has always
Hi Tahir,
I didn't test it but it should work:
local_rules.xml:
syscheck
Increasing the Alert Severity for syscheck
In case you need filter by folders you could use *match *or *regex*. Check
out the last example in the documentation