On Wednesday, June 4, 2014 11:40:13 AM UTC-5, Up wrote: > > Thanks Dan. Deleting the enry in ossec.conf took care of that rule. > > > What is the full output of /etc/ossec-init.conf. > DIRECTORY="/var/ossec" > VERSION="v2.8" > DATE="Wed Jun 4 11:06:30 CDT 2014" > TYPE="server" > > Previously, it was: > > DIRECTORY="/var/ossec" > VERSION="v2.7.1" > DATE="Mon Feb 17 16:27:23 CST 2014" > TYPE="local" > > Thanks. > Upen >
Hi, Thought I mention about this. I see an additional message in the log file: ossec-analysisd(1210): ERROR: Queue '/queue/alerts/ar' not accessible: 'Queue not found'. ls -al /var/ossec/queue/alerts/ total 8 drwxrwx--- 2 ossec ossec 4096 Jun 4 11:49 . dr-xr-x--- 11 root ossec 4096 Nov 9 2011 .. srw-rw---- 1 root ossec 0 Jun 4 11:49 execq -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
