Hello, I am currently running v1.6 as a local standalone agent and have set auto ignore to "no" in my ossec.conf file and want to manually add files as I see fit. The issue I am having is that when I try and add a file to the ignore list using the following command I get an error.
COMMAND: ./syscheck_control -i 000 -f "/blkid.tab.old" -d which in turn produces this ERROR: Integrity checking changes for local system 'viper01 - 127.0.0.1': Detailed information for entries matching: '/etc/blkid.tab' ** ERROR: fputs failed (unable to update counter). What on earth does this mean or better yet what the heck am I doing wrong? The full path to the file is '/etc/blkid.tab'. In addition there is another file with the same name but with .old at the end of it 'blkid.tab.old'. Would this have anything to do with it? Any help in resolving this would be greatly appreciated. ---------------------------------------------------- Virus Free -- Scanned By MailSecurity ---------------------------------------------------- This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Any views expressed in this message are those of the author, except where the sender specifically states them to be the views of BBG, Inc.
