Re: [ossec-list] Redundancy manager (backup)

2017-04-04 Thread Victor Fernandez
Sorry, I forgot to mention Chef; you can definitely use it to deploy your agents. If you are interested in it, take a look at: https://github.com/sous-chefs/ossec. Best regards. On Tue, Apr 4, 2017 at 2:55 PM, Martin wrote: > Is it possible to deploy them (agents) easily

Re: [ossec-list] Redundancy manager (backup)

2017-04-04 Thread Martin
Is it possible to deploy them (agents) easily via Chef? Thank you again for your answers! Best regards. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [ossec-list] Redundancy manager (backup)

2017-04-04 Thread Victor Fernandez
Hi Martin, there are actually some options to deploy agents: you can use Puppet or Ansible to make a large deployment. A very simple unattended installation could be installing the agent with preloaded variables. You can find the file etc/preloaded-vars.conf in the source code, fill it (uncomment and

[ossec-list] Re: Detecting Powershell

2017-04-04 Thread Jesus Linares
Hi, Sysmon has several events (1, 11, 15) that can be used to monitor Powershell executions. Sysmon - Event 1 > 2017 Mar 29 13:36:36 WinEvtLog: Microsoft-Windows-Sysmon/Operational: > INFORMATION(1): Microsoft-Windows-Sysmon: SYSTEM: NT AUTHORITY: > WIN-P57C9KN929H: Process Create: UtcTime:

Re: [ossec-list] Redundancy manager (backup)

2017-04-04 Thread Martin
I know it is possible with "Unattended Source Installation", but I'd still have to manually add these agents on the manager, or is there another way :)?

Re: [ossec-list] Redundancy manager (backup)

2017-04-04 Thread Martin
Hi Victor, Now that I know it is possible to have a second manager in case the first one stops running, I'm wondering: is there a proper way to copy the first manager to duplicate it? That way I won't have to configure the second manager as I did with the first one. And I was looking as well