Hello, I have a couple of questions pertaining mainly to reports and startup scripts.

1. I read somewhere that it is possible to change the format of the daily reports. Where are these files located? I have not been able to find them.

2. Does the following startup script also work on Solaris? Also, if anyone has any pointers to modify it to work on Solaris, I would greatly appreciate it.

Michael

#!/bin/sh
# OSSEC         Controls OSSEC HIDS on Redhat-based systems
# Author:       Kayvan A. Sylvan <[email protected]>
# Author:       Daniel B. Cid <[email protected]>
#
# chkconfig: 2345 99 15
# description: Starts and stops OSSEC HIDS (Host Intrusion Detection System)
#
# This will work on Redhat systems (maybe others too)

# Source function library.
export LANG=C

. /etc/init.d/functions
. /etc/ossec-init.conf

if [ "X${DIRECTORY}" = "X" ]; then
    DIRECTORY="/var/ossec"
fi

start() {
    echo -n "Starting OSSEC: "
    ${DIRECTORY}/bin/ossec-control start > /dev/null
    RETVAL=$?
    if [ $RETVAL -eq 0 ]; then
        success
    else
        failure
    fi
    echo
    return $RETVAL
}

stop() {
    echo -n "Stopping OSSEC: "
    ${DIRECTORY}/bin/ossec-control stop > /dev/null
    RETVAL=$?
    if [ $RETVAL -eq 0 ]; then
        success
    else
        failure
    fi
    echo
    return $RETVAL
}

status() {
    ${DIRECTORY}/bin/ossec-control status
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        stop
        start
        ;;
    status)
        status
        ;;
    *)
        echo "*** Usage: ossec {start|stop|restart|status}"
        exit 1
esac

exit $?

3. Are there any rules or reports that get triggered with Fedora 13?

Thank you, and any guidance is greatly appreciated.

Michael W.
