woud like to get ossec logging to standard rsyslog I do a simple
<syslog_output>
<server>127.0.0.1</server>
</syslog_output>
# /var/ossec/bin/ossec-control enable client-syslog
# /var/ossec/bin/ossec-control start
and I see .....
Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)...
ossec-analysisd: Configuration error. Exiting.
Started ossec-csyslogd...
but in the lots I don't see
"ossec-csyslogd: INFO: Forwarding alerts via syslog to: xxx"
please advise
