On 27 January 2014 13:50, dan (ddp) <[email protected]> wrote: > On Mon, Jan 27, 2014 at 1:47 PM, Bruno Andrade <[email protected]> wrote:
>> Hey, I found this http://centralwire.sourceforge.net/, that's >> basically what I was asking if it is possible to do with OSSEC. With >> this tool is possible to review the file changes and accept them. > I guess I don't understand what you expect to happen when you "accept" > a change. OSSEC notices a change, it alerts you. It will not revert > the change and it will not continue to alert you on that same change. > So I'm kind of missing the point. What are you hoping to accomplish > exactly? I'm putting words into Bruno's mouth, so to speak, but my interpretation of the problem is he wants a method to allow an admin to run syscheck_update -u <foo> for their specific server. My first guess would be sudo and some scripting. kmw -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
