Hello,
I have a question on trying to see where I can fix this issue. For example. I made a change to the ossec file on a windows server. OSEEC did detect the file was changed. However it did not inform me of who changed it. 2009 Mar 22+ossec.conf <http://127.0.0.1:8080/ossec/index.php?f=i##> -ossec.conf <http://127.0.0.1:8080/ossec/index.php?f=i##> File: ossec.conf Agent: 29847-Web1 Modification time: 2009 Mar 22 19:07:18 Also I am trying to monitor my IIS logs. I think I have a syntax error <localfile> <location>%WinDir% \D:\IISLogs\WWW\LogFiles\W3SVC26\ex%y%m%d.log</location> <log_format>iis</log_format> </localfile> 2009/03/22 18:15:51 ossec-agent(1952): INFO: Monitoring variable log file: '11inDir\D:\IISLogs\WWW\LogFiles\W3SVC26\ex090322.log'. 2009/03/22 18:15:51 ossec-agent(1103): ERROR: Unable to open file '11inDir\D:\IISLogs\WWW\LogFiles\W3SVC26\ex090322.log'. 2009/03/22 18:15:51 ossec-agent(1950): INFO: Analyzing file: '11inDir\D:\IISLogs\WWW\LogFiles\W3SVC26\ex090322.log'. Israel Cortes | Systems Administrator Vesdia Corporation 3348 Peachtree RD N.E. | Tower 200 | Suite 300 Atlanta, Georgia 30326 678.405.9292 office 404.388.9819 cell
