Hi: When I installed the "client-server" model, I ran into this question in the "ossec.log" file. Could someone tell me what the reason is? Below is the last few lines in "ossec.log" file:
2007/05/04 14:43:12 ossec-analysisd: White listing IP: '127.0.0.1' 2007/05/04 14:43:12 ossec-analysisd: White listing IP: 'xxx' 2007/05/04 14:43:12 ossec-analysisd: White listing IP: 'xxx' 2007/05/04 14:43:12 ossec-analysisd: 3 IPs in the white list for active response. 2007/05/04 14:43:12 ossec-analysisd: White listing Hostname: 'localhost.localdomain' 2007/05/04 14:43:12 ossec-analysisd: White listing Hostname: 'xxx' 2007/05/04 14:43:12 ossec-analysisd: 2 Hostname(s) in the white list for active response. 2007/05/04 14:43:12 ossec-analysisd: Started (pid: 19842). 2007/05/04 14:43:12 ossec-remoted(1206): Unable to Bind port '1514' 2007/05/04 14:43:13 ossec-monitord: Started (pid: 19863). 2007/05/04 14:43:15 ossec-syscheckd: Started (pid: 19859). 2007/05/04 14:43:18 ossec-logcollector(1950): Analyzing file: '/var/log/messages'. 2007/05/04 14:43:18 ossec-logcollector(1950): Analyzing file: '/var/log/auth.log'. 2007/05/04 14:43:18 ossec-logcollector(1950): Analyzing file: '/var/log/syslog'. 2007/05/04 14:43:18 ossec-logcollector(1950): Analyzing file: '/var/log/mail.info'. 2007/05/04 14:43:18 ossec-logcollector: Started (pid: 19846). 2007/05/04 14:43:21 ossec-analysisd(1210): Queue '/queue/alerts/ar' not accessible. 2007/05/04 14:43:36 ossec-analysisd(1301): Unable to connect to active response queue. 2007/05/04 14:43:36 ossec-analysisd: Connected to '/queue/alerts/execq' (exec queue) --------------------------------- 8:00? 8:25? 8:40? Find a flick in no time with theYahoo! Search movie showtime shortcut.
