This is exactly what I'm trying to get working with my issue where the hybrid agent stops parsing the alerts log file :(
On Wednesday, November 12, 2014 2:09:36 PM UTC, dan (ddpbsd) wrote: > > On Wed, Nov 12, 2014 at 5:47 AM, Teddy Jayasaputra > <[email protected] <javascript:>> wrote: > > Dear all, > > > > Any of you have working with ossec server talking to ossec in OSSIM? > > > > I send alert level ossec via syslog to rsyslog ossim but not working > because > > OSSIM use custom log with tag AV in front of each log so alert from > ossec > > server not recognize by OSSIM. > > > > I heard about ossec in hybrid mode. > > Can someone describe it? Or point me the manual to do it? Can hybrid > mode > > solve deployment ossec to ossec in OSSIM ? > > > > Hybrid mode allows an OSSEC manager to report alerts to another OSSEC > manager. > > > Thanks. > > > > Best Regards, > > > > -Teddy- > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
