My OSSEC-HIDS stopped alerting me by email at the end of August. I ran a "truss" on the ossec-maild process and see it's complaining that...
open64("/logs/alerts/2006/Sept/ossec-alerts-04.log", O_RDONLY) Err#2 ENOENT
Checking my /logs/alerts/2006 directory, I see...
shark# pwd
/var/ossec/logs/alerts/2006
shark# ls
Aug Jul Sep
So there's an inconsistency here (Sept vs Sep).
Can we have a fix, please?
Cheers,
Richard
