On Tuesday, August 28, 2012 7:12:03 PM UTC+5:30, dan (ddpbsd) wrote: > > On Tue, Aug 28, 2012 at 9:38 AM, ant's <[email protected] <javascript:>> > wrote: > > So using this way works: > > > > <smtp_server>alt2.gmail-smtp-in.l.google.com</smtp_server> > > > > But it is going to spam folders! Which is kind of irritating. Are there > any > > ways in which I can authenticate email sender's id? > > > > And since I'm very new to the Ossec. I wonder there are no alerts.log in > my > > /ossec/etc/logs folder. But still I get email alerts. Isn't sound bad? > > > > /var/ossec/logs/alerts/alerts.log >
This file is empty! And can anyone say of how to send a mail properly? Because all my mails are going to the spam folders. > > > On Tuesday, August 28, 2012 5:43:44 PM UTC+5:30, dan (ddpbsd) wrote: > >> > >> On Tue, Aug 28, 2012 at 5:14 AM, ant's <[email protected]> wrote: > >> > Hi all. I'm very new to OSSEC. I use a server-agent model. I wish to > >> > generate alert for the following actions ( in agent side ): > >> > > >> > > >> > 1) Sample Alert for delation of logs > >> > > >> > > >> > I added the rules for these in agent's ossec.conf using <localfile> > >> > tags. > >> > Like this : > >> > > >> > <localfile> > >> > <log_format>syslog</log_format> > >> > <location>/var/log/syslog</location> > >> > </localfile> > >> > > >> > > >> > In my server's ossec.conf. I added the following : > >> > > >> > <global> > >> > <email_notification>yes</email_notification> > >> > <email_to>xxxx@xxxxxx</email_to> > >> > <smtp_server>smtp.gmail.com</smtp_server> > >> > <email_from>xxxx@xxx</email_from> > >> > </global> > >> > > >> > And I restarted my server. Now I tried to delete the agents syslog > file > >> > using rm syslog. But no alerts has been triggered. > >> > > >> > Where I'm making the mistake? > >> > > >> > > >> > >> Was no alert triggered (nothing in alerts.log) or are you just not > >> getting the email for it? >
