Dears,
I have a problem on sending ossec alert log to syslog server. I found an
article that shows how to configure ossec.conf to send log data to
syslog server.
Then I configured my ossec.conf file like below:
<ossec_config>
<global>
<email_notification>yes</email_notification>
<email_to>xxxxxxxxxxxxxxx</email_to>
<smtp_server>xxxxxxxxxxxxx</smtp_server>
<email_from>xxxxxxxxx</email_from>
</global>
<syslog_output>
<server>172.30.80.40</server>
</syslog_output>
Is there any mistake on my configuration? Also, do I need to modify
syslog.conf file?
Please, help me
--
Altangerel Ganbold
