Hi,
I am evaluating the OSSEC software, tried configure the alert_new_files
option in the syscheck configuration , but it didn't work.
I created a "c:\test" folder with 2 files. Added the following to the
window oseec agent ossec.conf
syscheck>
<frequency>60</frequency>
<directories check_all="yes">C:\test</directories>
<alert_new_files>yes</alert_new_files>
<auto_ignore>no</auto_ignore>
...
...
...
...
</syscheck>
after restarting the agent , I added files into the c"\test directory, but
OSSEC-SERVER didn't receive any new file alert.
Anyone can advise what go wrong ?
Do I need to make any chance to the server ossec.conf file ?
your prompt reply is greatly appreciated.
Thank you in advance.
Regards
John
<
__________________________________________________________________
Yahoo! Singapore Answers
Real people. Real questions. Real answers. Share what you know at
http://answers.yahoo.com.sg
