Thanks for the response. That is the problem. The box with the issue is running Slackware with a 2.4 kernel.
I have been using OSSEC for years now. I upgraded to 2.4, saw the realtime monitoring and thought I would give it a try. I'll give it a shot on one of the Ubuntu servers. Thanks for your help. -Brad Kirk Frankovich wrote: > What version of Linux are you running? Kernel support for the real time > feature wasn't added until 2.6, which means RHEL 4.x doesn't support it. > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Brad Hazledine > Sent: Monday, April 19, 2010 11:29 AM > To: [email protected] > Subject: [ossec-list] Realtime integrity monitoring > > Hi there, > > I enabled realtime monitoring and I am getting the following error, > > 2010/04/19 12:01:50 ossec-syscheckd: INFO: Monitoring directory: > '/my/directory'. > 2010/04/19 12:01:50 ossec-syscheckd: WARN: Ignoring flag for real time > monitoring on directory:'/my/directory' > > I am running ossec 2.4 > > Can anyone suggest what the problem may be? > > Thanks, > > -Brad > > > > > > -- Brad Hazledine <[email protected]> Caledon Card Services P.O. Box 81, 11672 Trafalgar Rd. Georgetown, Ontario L7G 4T1 Phone (647) 258-3713 Fax (905) 702-9907 WWW: http://www.caledoncard.com ------------------------------------------------------------------------------------------------- This email and any files transmitted with it are CONFIDENTIAL and are intended solely for the use of the individual or entity to whom it is addressed. If you are not the intended recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. ------------------------------------------------------------------------------------------------- -- Subscription settings: http://groups.google.com/group/ossec-list/subscribe?hl=en
