Hello list, Windows Ossec agent , default ossec.conf configuration, spits out a lot of errors I believe others have noticed it as well but I could not find a relative post .I was wondering if someone knew what they mean and how can they be resolved .
For example : ossec-agent: WARN: Error opening directory: 'C:\WINDOWS/System32/ telnet.exe': No such file or directory This error pops every time the syscheck is run , though the file exists and is there.Also Windows is agnostic of the direction of the slashes , so there must not be a problem there.If you put the above bun in Windows run or in a cmd prompt and hit enter , your are presented with a telnet prompt. Another group of mysterious errors that I do not know what affect they have to the monitoring ability of OSSEC are the following: 2012/01/19 15:02:43 ossec-agent(1107): ERROR: Unable to create directory: '/var/ossec/queue/diff/local/:\WINDOWS' 2012/01/19 15:02:43 ossec-agent(1124): ERROR: Unable to rename file: 'C:\WINDOWS/System32/drivers/etc/hosts'. What do they mean ? The first error (1107) refers to Ossec server path ? Anyone else noticed this behavior ? I am trying to troubleshoot Ossec's Windows monitoring unstable behavior and am wondering if the above errors are responsible. Thank you
