-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Jul 21, 2010, at 3:43 AM, Houcem HACHICHA wrote: > Thanks for the quick reply Jason, > > For sure, I am not talking about file integrity monitoring. It's about System > Audit Events. Here is an example: > > rootcheck Rule: 516 (level 3) -> > System > Audit event > . Src IP: (none) User: (none) System Audit: PHP - Safe mode > disabled. File: > /etc/php.ini > . (none) System Audit: PHP - Safe mode > disabled. File: > /etc/php.ini. 1 > > My problem is that the php.ini file I want ossec to audit is not the one > under /etc.
Aha .. I have not explored that aspect of OSSEC yet.. So much to learn! :) - --------------------------- Jason 'XenoPhage' Frisvold [email protected] - --------------------------- "Any sufficiently advanced magic is indistinguishable from technology." - - Niven's Inverse of Clarke's Third Law -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) iEYEARECAAYFAkxHrb4ACgkQ8CjzPZyTUTSoUACfe3YV0fZLAFk5Lgz4/tMnn/FC NxMAoI3I8QDlKejnFNLHq/RVKYk0OM/5 =y586 -----END PGP SIGNATURE-----
