On Jan 26, 2015 5:17 PM, <[email protected]> wrote: > > Yes, those are in ossec.log. > > Is it normal for them to be loaded into analysisd? >
Yes, this is normal. The rules are what the analysis os built on. > > > -- > fini > > > > > > On 2015-01-26 16:08, dan (ddp) wrote: >> >> On Jan 26, 2015 5:06 PM, <[email protected]> wrote: >> > >> > Hi, >> > >> > After enabling debug on OSSEC 2.8.1 on FreeBSD 10.1, I'm seeing >> entries of the sort shown below in the log file after starting OSSEC. >> What's those supposed to indicate? >> > >> > >> > <!-- s --> >> > 2015/01/26 13:20:04 5 : rule:18152, level 10, timeout: 0 >> > 2015/01/26 13:20:04 5 : rule:40111, level 10, timeout: 0 >> > 2015/01/26 13:20:04 4 : rule:18132, level 5, timeout: 0 >> > 2015/01/26 13:20:04 5 : rule:18152, level 10, timeout: 0 >> > 2015/01/26 13:20:04 5 : rule:40111, level 10, timeout: 0 >> > 2015/01/26 13:20:04 4 : rule:18133, level 5, timeout: 0 >> > 2015/01/26 13:20:04 5 : rule:18152, level 10, timeout: 0 >> > 2015/01/26 13:20:04 5 : rule:40111, level 10, timeout: 0 >> > 2015/01/26 13:20:04 4 : rule:18135, level 5, timeout: 0 >> > <!-- /s --> >> > >> >> Is that in ossec.log? It looks like the rules are being loaded into >> analysisd. >> >>> Btw, all of OSSEC's processes are running. >> >> > >> > TIA, >> > >> > >> > >> > -- >> > fini >> > >> > >> > -- >> > >> > --- You received this message because you are subscribed to the >> Google Groups "ossec-list" group. >> > To unsubscribe from this group and stop receiving emails from it, >> send an email to [email protected]. >> > For more options, visit https://groups.google.com/d/optout [1]. >> >> >> -- >> >> --- >> You received this message because you are subscribed to the Google >> Groups "ossec-list" group. >> To unsubscribe from this group and stop receiving emails from it, >> send an email to [email protected]. >> For more options, visit https://groups.google.com/d/optout [1]. >> >> >> Links: >> ------ >> [1] https://groups.google.com/d/optout > > > -- > > --- You received this message because you are subscribed to the Google Groups "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
