Yes, when is starting ossec appear that in ossec.log, In addition to that nothing happen when i try ti test the realtime feature.
El viernes, 12 de septiembre de 2014 15:25:15 UTC-4, dan (ddpbsd) escribió: > > On Fri, Sep 12, 2014 at 3:23 PM, diego subero <[email protected] > <javascript:>> wrote: > > Hi everybody, > > > > > > Recently im installed ossec 2.8.1, but i have a problem with a real-time > > check, > > > > i have in my server this: > > > > - Debian 7.3 > > - inotify-tools > > > > process running: > > > > ossec-monitord is running... > > ossec-logcollector is running... > > ossec-syscheckd is running... > > ossec-analysisd is running... > > ossec-maild is running... > > ossec-execd is running... > > > > > > in my ossec.conf put that: > > > > --- > > <alert_new_files>yes</alert_new_files> > > <directories realtime="yes" report_changes="yes" > check_all="yes">/var$ > > --- > > > > But when i starting ossec in the ossec.log appear that: > > > > 2014/09/10 23:13:50 ossec-syscheckd: INFO: Starting syscheck database > > (pre-scan). > > 2014/09/10 23:19:27 ossec-syscheckd: INFO: Initializing real time file > > monitoring (not started). > > > > Does it produce an error or something that makes you think it never > starts? > > > im looking information but nothing working, somebody have the same > issue? > > > > thanks a lot. > > > > > > -- > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
