Hi Dan Problem solved. This helped -> http://www.ossec.net/?p=1098 "So on upgrades remove the entry for bro-ids.xml from the /var/ossec/etc/ossec.conf configuration file"
Fixed that. After this I had to recompile with DB support. Running the install.sh script after all this fixed the problem. Thank you. On Tuesday, 29 July 2014 10:47:22 UTC+1, dan (ddpbsd) wrote: > > > On Jul 29, 2014 5:44 AM, "Iacob Alexandru" <[email protected] > <javascript:>> wrote: > > > > Hi, > > > > I have updated to 2.8 on agents and all looks OK. > > However, on server, I get this: > > > > "Starting OSSEC HIDS v2.8 (by Trend Micro Inc.)... > > OSSEC analysisd: Testing rules failed. Configuration error. Exiting." > > > > I have checked the ossec-control script and all looks fine in terms of > PATH > > > > ##### > > > > # Start function > > start() > > { > > SDAEMONS="${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON} > ossec-maild ossec-execd ossec-analysisd ossec-logcollector ossec-remoted > ossec-syscheckd ossec-monitord" > > > > echo "Starting $NAME $VERSION (by $AUTHOR)..." > > echo | ${DIR}/bin/ossec-logtest > /dev/null 2>&1; > > if [ ! $? = 0 ]; then > > echo "OSSEC analysisd: Testing rules failed. Configuration > error. Exiting." > > exit 1; > > fi > > lock; > > checkpid; > > > > ##### > > > > Any ideas? > > Yes, there's a possible misconfiguration, like the error says. > > > Thank you. > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
