On Tue, Oct 2, 2012 at 11:23 AM, Michael Barrett <[email protected]> wrote: > > > This agent has worked in the past. We are trying to implement the authd > key management
Did you use an RPM to install OSSEC? Until very recently that whole thing was broken WRT authd. > > > ____________________________________________ > Michael Barrett | Information Security Analyst - Lead | Mortgage Guaranty > Insurance Corporation > 270 E. Kilbourn Ave. | Milwaukee, WI 53202 USA | ( 1.414.347.6271 | 7 > 1.888.601.4440 | * [email protected] > > This message is intended for use only by the person(s) addressed above and > may contain privileged and confidential information. Disclosure or use of > this message by any other person is strictly prohibited. If this message is > received in error, please notify the sender immediately and delete this > message. > > > > From: "dan (ddp)" <[email protected]> > To: [email protected] > Date: 10/02/2012 10:16 AM > Subject: Re: [ossec-list] agent-auth > Sent by: [email protected] > > ________________________________ > > > > On Tue, Oct 2, 2012 at 11:11 AM, Michael Barrett > <[email protected]> wrote: > > > > > > I am getting this message now. > > > > > > > > You realize you could have copied and pasted that right? And that > exposing your key is a bad thing? > > You could start by making sure the agent has the correct key. Has the > agent ever worked properly? > Make sure the limits you have set for the ossec user aren't too small. > Having excessive numbers of agents for one server could easily hit > default limits for sane systems. > Maybe try doing any of the things already offered for this type of > error (I'm assuming you haven't done anything to try and solve it > since you didn't mention doing anything). > > > > > > > > > ____________________________________________ > > Michael Barrett | Information Security Analyst - Lead | Mortgage > > Guaranty > > Insurance Corporation > > 270 E. Kilbourn Ave. | Milwaukee, WI 53202 USA | ( 1.414.347.6271 | 7 > > 1.888.601.4440 | * [email protected] > > > > This message is intended for use only by the person(s) addressed above > > and > > may contain privileged and confidential information. Disclosure or use > > of > > this message by any other person is strictly prohibited. If this message > > is > > received in error, please notify the sender immediately and delete this > > message. > >
