On 2014-06-09 8:49, Dan Kennedy wrote:
Good day all. It seems like I'm seeing a very odd issue with regard to
Windows events coming through to the OSSEC management server. I've set
this up before without any configuration changes & received all the
events I wanted from the Windows end point (a Win7 machine), but this
time around (a Win2k3 Server for testing) it seems to be failing as
far as what data it returns into the main alerts.log file. Here's a
sample of one of the events I get:
I know a change was made to the log format (adding Windows timestamp)
and the decoder (in order to accommodate it), so that's probably the
cause. Do you have a 2.7 instance still around to test that sample?
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
