I haven't tested this myself, but a friend mentioned that adding these additional gmail smtp servers should help:
<smtp_server>alt1.gmail-smtp-in.l.google.com</smtp_server> <smtp_server>alt2.gmail-smtp-in.l.google.com</smtp_server> <smtp_server>alt3.gmail-smtp-in.l.google.com</smtp_server> <smtp_server>alt4.gmail-smtp-in.l.google.com</smtp_server> <smtp_server>gmail-smtp-in.l.google.com</smtp_server> Cheers, - Joern On 08/28/2012 01:43 PM, C. L. Martinez wrote: > On Tue, Aug 28, 2012 at 9:14 AM, ant's <[email protected]> wrote: >> Hi all. I'm very new to OSSEC. I use a server-agent model. I wish to >> generate alert for the following actions ( in agent side ): >> >> >> 1) Sample Alert for delation of logs >> >> >> I added the rules for these in agent's ossec.conf using <localfile> tags. >> Like this : >> >> <localfile> >> <log_format>syslog</log_format> >> <location>/var/log/syslog</location> >> </localfile> >> >> >> In my server's ossec.conf. I added the following : >> >> <global> >> <email_notification>yes</email_notification> >> <email_to>xxxx@xxxxxx</email_to> >> <smtp_server>smtp.gmail.com</smtp_server> >> <email_from>xxxx@xxx</email_from> >> </global> >> >> And I restarted my server. Now I tried to delete the agents syslog file >> using rm syslog. But no alerts has been triggered. >> >> Where I'm making the mistake? >> >> > > I am not sure that works with ossec's config. I am doing the same > approach as you, but I am using a real MTA (in my case, postfix) and > works ok. >
