On Tue, Sep 3, 2013 at 12:36 AM, frwa onto <[email protected]> wrote: > Hi All, > I just rebuild and install ossec on my centos 6.4 machine. So what > is the next step be done as this is any existing machine and I want to check > for any previous intrusion? I also want to get alerts on updates on my local > files or any new files created? I am sorry very new to it. >
You can use ossec-logtest to check old log files, and syscheck has a default configuration that can cover most needs. If you have custom locations that must be monitored, you should add them to the ossec.conf in the syscheck section. > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
