Hello. I perform installation of OSSEC server (1) and OSSEC agent (2) with
default configuration, and check that OSSEC agent is working fine (for
example, I get email alert when OSSEC restarts or somebody take logon on
(2))
After this I install Postgresql on (2) and add his log to
/var/ossec/etc/ossec.conf on (2):
<localfile>
<log_format>postgresql_log</log_format>
<location>/var/log/postgresql/postgresql-9.2-main.log</location>
</localfile>
But I didn't see any errors from OSSEC server (1), while I take some errors
test (like MSK ERROR: column orders.is_canceled does not exist at char
acter 164
or
MSK FATAL: the database system is starting up
or
MSK FATAL: password authentication failed for user "redmine"
Could you help in correct installation of this monitoring? Thanks a lot!
