Dear Users and Developers, I'm trying OSSEC windows agent lately. However, I can't get the syscheck working. (rootkit / localfile checks are alright).
The problem I have is ossec-agent doesn't forward any file integrity alert. Regardless 'auto_ignore' / 'alert_new_files' are set or not. I have also turned on syscheck.debug=1, but don't see any extra log in ossec.log. Also, I have another related question on syscheck. Is it possible to kick off syscheck manually? If i can trigger syscheck manually, the configuration process would be much easily and efficient. Thanks! Best regards, Zarick
