I know that they are not there, but I keep them in the config for older servers that will still have those files/paths. The errors are not my problem, I'm just looking for what other peoples ossec.conf on their agent look like. I'm trying to get a perspective on other files that they may be monitoring on that I currently am not. An example is how I'm trying to monitor bcdedit.exe. That file was the replacement for boot.ini in newer windows operating systems. I'm just not getting it implemented correctly, which is why im looking for a more experienced persons agents ossec.conf file to base rules off of.
On Friday, July 5, 2013 9:29:52 AM UTC-5, David Blanton wrote: > If you've removed those paths/directories to being monitored, try > restarting OSSEC and the agent as well. > > /var/ossec/bin/agent_control -R ### > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
