On Thu, Oct 3, 2013 at 2:21 AM, Jeff Allison <[email protected]> wrote: > I've installed ossec 2.7 on a centos 6.4 machine and I'm unable to receive > syslog messages via ossec-remoted. > > my ossec.conf contains, > > <remote> > <connection>syslog</connection> > </remote> > > <remote> > <connection>secure</connection> > </remote> > > But I cannot see the remoted service listening on udp 514 > > [root@maitprodsplunk bin]# fuser -v -n udp 514 > > [root@maitprodsplunk bin]# fuser -v -n udp 1514 > USER PID ACCESS COMMAND > 1514/udp: ossecr 501 F.... ossec-remoted > > Any ideas??? >
Try running /var/ossec/bin/ossec-remoted -df See if there are any additional errors. > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
