On 27 January 2014 13:50, dan (ddp) <[email protected]> wrote:

> On Mon, Jan 27, 2014 at 1:47 PM, Bruno Andrade <[email protected]> wrote:

>> Hey, I found this http://centralwire.sourceforge.net/, that's
>> basically what I was asking if it is possible to do with OSSEC. With
>> this tool is possible to review the file changes and accept them.

> I guess I don't understand what you expect to happen when you "accept"
> a change. OSSEC notices a change, it alerts you. It will not revert
> the change and it will not continue to alert you on that same change.
> So I'm kind of missing the point. What are you hoping to accomplish
> exactly?

I'm putting words into Bruno's mouth, so to speak, but my
interpretation of the problem is he wants a method to allow an admin
to run

syscheck_update -u <foo>

for their specific server.  My first guess would be sudo and some scripting.

kmw

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to