Thanks for the quick response. Please see inline for naswers. On Thursday, March 13, 2014 12:57:34 PM UTC-5, dan (ddpbsd) wrote: > > On Thu, Mar 13, 2014 at 1:53 PM, Mike Wisniewski > <[email protected]<javascript:>> > wrote: > [...] >
> Are you using active response? > Yes, I am trying to use active response. I'm trying to get it to dump IP's in /etc/hosts.deny. I am reading logs from another device in a directory that doesn't support ossec. It's actually dumping the apache logs and I'm trying to get it to add it to the hosts.deny on the server. > > > and the FAQ says to install the agent....but it's a server that's > already > > being monitored by OSSEC by default. > > > > I'll have to check that out, because it makes no sense. > I know one thing is to check to see if 'ossec-analysis' is running, which it is. Thanks all for the help. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
