Thanks for your help. In installed OSSEC on a computer running CENTOS
and used this to check a log file.
Brian
On 7/11/2011 2:49 AM, Jorge Armando Medina wrote:
On 07/10/2011 03:18 PM, brian wrote:
Is it possible to use OSSEC to evaluate the log files from a server I
don't have root access to? I'm helping a friend with a web site that
was hacked and I'm trying to use OSSEC to find where the hacker got
in. My hope is to download the logs and give them to OSSEC. I'm
running vista and have centos running in vmware.
You can use ossec-logtest manually against your log files, I think you
should read the following article:
http://dcid.me/2010/01/using-ossec-for-the-forensic-analysis-of-log-files/
I hope this can help you.
I found the post 'Installation and use without root access' but I can
edit the etc dir.
