Hi all,
I'm testing OSSEC to come to a definitive optimal setup and have some
questions on the syslog/remote configuration. Going through the archives it
seems secure connection and protocol tcp can not be combined (tcpdump
confirmed this). So this won't work:
<remote>
<connection>secure</connection>
<protocol>tcp</protocol>
</remote>
OSSEC keeps message counters in [ossec_dir]/queue/rids/ .. Does this mean
when using UDP, still no messages are lost?
How does the agent know what protocol and/or port to use since everything
is only configured server side?
Thanx a lot for helping me out!
Kind regards,
Gerard.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
