Hello, Thank you so very much for the ossec application – it’s truly very cool!
I really hate to bother with these two questions regarding ossec, but I am stuck… Have been beating my head against a wall for a week… Trying to monitor smtp logs for exchange server and the log_format type msexchange does not work. When msexchange or ms-exchange are attempted the winx86 agent (version 2) errors out with invalid log format. Tried iis as the log format but nothing exchange related gets logged… Also agentless reporting for asterisk and vmware servers (1 each).. Ossec.log reports that the ssh timeout dies for that machine and a VMware esxi server I have running. I can ssh and it does take a bit for the password prompt to come up – same lan segment, quad cpus on both… 2009/06/18 13:09:09 ossec-agentlessd: ERROR: ssh_integrity_check_linux: [email protected]: Timeout while connecting to host: [email protected] . Also what would be the most meaningful way to log for asterisk and vmware… Thank you for your help and the application! Tres
