SOLVED I activated in /etc/asterisk/logger.conf the logging to syslog. Log-Messages to syslog appear to be slightly different and so the existing rules work.
Am Dienstag, 7. Mai 2013 12:49:09 UTC+2 schrieb Thorsten Göllner: > > Hi, > > I installed OSSEC 2.7 and Asterisk 11.3.0. When I "force" an "file not > found" error in atserisk, OSSEC will not send an email. Here is a part of > my config: > > <ossec_config> > <global> > <email_notification>yes</email_notification> > <email_to>[email protected]</email_to> > <smtp_server>127.0.0.1</smtp_server> > <email_from>[email protected]</email_from> > </global> > > [...] > > <localfile> > <log_format>syslog</log_format> > <location>/var/log/asterisk/full</location> > </localfile> > [...] > > </ossec_config> > > ossec.log says: > [...] > 2013/05/07 12:29:03 ossec-logcollector(1950): INFO: Analyzing file: > '/var/log/asterisk/full'. > [...] > > "/var/log/asterisk/full" says: > [...] > [2013-05-07 12:30:29] WARNING[10562][C-00002e9e] file.c: File > /audio/moh-test does not exist in any format > [2013-05-07 12:30:29] WARNING[10562][C-00002e9e] res_musiconhold.c: Unable > to open file '/audio/moh-test': No such file or directory > [...] > > Other OSSEC mails will be sent (start info and other warnings). > > Any idea? > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
