Hi,
I am using OSSEC 2.9.0 and am not sure what I am doing right or wrong. It
apears that rootkit_files, rootkit_trojans, and system_audit don't fire on
the agents when using a centralized setup. I've restarted agents and the
server numerous times and waited. The merged.mg file appears to be
Hi,
I am using OSSEC 2.9.0 and am not sure what I am doing right or wrong. It
apears that rootkit_files, rootkit_trojans, and system_audit don't fire on
the agents when using a centralized setup. I've restarted agents and the
server numerous times and waited. The merged.mg file appears to be
It may be worth investigating an upgrade to OSSEC 2.9.0.
According to the changelog, there's 2 potentially useful fixes that may
help you out https://github.com/ossec/ossec-hids/releases
- Avoids computing hashes multiple times to improve performance
- Syscheck improvements
What version of OSSEC are you running? What specs does the server node have?
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Hi,
I'm running OSSEC 2.9.0. I'm unable to get the rootcheck to run the
rootcheck_files, rootcheck_trojans,a and system_audit on an agent that has
its config pushed out via the server. I'm not sure what I'm doing wrong.
*server: /var/ossec/etc/ossec.conf*
no
