On Mon, Jan 27, 2014 at 1:58 PM, Kevin Wilcox <[email protected]> wrote: > On 27 January 2014 13:50, dan (ddp) <[email protected]> wrote: > >> On Mon, Jan 27, 2014 at 1:47 PM, Bruno Andrade <[email protected]> wrote: > >>> Hey, I found this http://centralwire.sourceforge.net/, that's >>> basically what I was asking if it is possible to do with OSSEC. With >>> this tool is possible to review the file changes and accept them. > >> I guess I don't understand what you expect to happen when you "accept" >> a change. OSSEC notices a change, it alerts you. It will not revert >> the change and it will not continue to alert you on that same change. >> So I'm kind of missing the point. What are you hoping to accomplish >> exactly? > > I'm putting words into Bruno's mouth, so to speak, but my > interpretation of the problem is he wants a method to allow an admin > to run > > syscheck_update -u <foo> > > for their specific server. My first guess would be sudo and some scripting. >
He wants to clear (delete) the database? Seems drastic. > kmw > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
