Cool!
--
fini
On 2015-01-26 16:26, dan (ddp) wrote:
On Jan 26, 2015 5:17 PM, <[email protected]> wrote:
>
> Yes, those are in ossec.log.
>
> Is it normal for them to be loaded into analysisd?
>
Yes, this is normal. The rules are what the analysis os built on.
>
> --
> fini
>
>
>
>
>
> On 2015-01-26 16:08, dan (ddp) wrote:
>>
>> On Jan 26, 2015 5:06 PM, <[email protected]> wrote:
>> >
>> > Hi,
>> >
>> > After enabling debug on OSSEC 2.8.1 on FreeBSD 10.1, I'm
seeing
>> entries of the sort shown below in the log file after starting
OSSEC.
>> What's those supposed to indicate?
>> >
>> >
>> > <!-- s -->
>> > 2015/01/26 13:20:04 5 : rule:18152, level 10, timeout: 0
>> > 2015/01/26 13:20:04 5 : rule:40111, level 10, timeout: 0
>> > 2015/01/26 13:20:04 4 : rule:18132, level 5, timeout: 0
>> > 2015/01/26 13:20:04 5 : rule:18152, level 10, timeout: 0
>> > 2015/01/26 13:20:04 5 : rule:40111, level 10, timeout: 0
>> > 2015/01/26 13:20:04 4 : rule:18133, level 5, timeout: 0
>> > 2015/01/26 13:20:04 5 : rule:18152, level 10, timeout: 0
>> > 2015/01/26 13:20:04 5 : rule:40111, level 10, timeout: 0
>> > 2015/01/26 13:20:04 4 : rule:18135, level 5, timeout: 0
>> > <!-- /s -->
>> >
>>
>> Is that in ossec.log? It looks like the rules are being loaded
into
>> analysisd.
>>
>>> Btw, all of OSSEC's processes are running.
>>
>> >
>> > TIA,
>> >
>> >
>> >
>> > --
>> > fini
>> >
>> >
>> > --
>> >
>> > --- You received this message because you are subscribed to
the
>> Google Groups "ossec-list" group.
>> > To unsubscribe from this group and stop receiving emails from
it,
>> send an email to [email protected].
>> > For more options, visit https://groups.google.com/d/optout [1]
[1].
>>
>>
>> --
>>
>> ---
>> You received this message because you are subscribed to the
Google
>> Groups "ossec-list" group.
>> To unsubscribe from this group and stop receiving emails from
it,
>> send an email to [email protected].
>> For more options, visit https://groups.google.com/d/optout [1]
[1].
>>
>>
>> Links:
>> ------
>> [1] https://groups.google.com/d/optout [1]
>
>
> --
>
> --- You received this message because you are subscribed to the
Google Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected].
> For more options, visit https://groups.google.com/d/optout [1].
--
---
You received this message because you are subscribed to the Google
Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected].
For more options, visit https://groups.google.com/d/optout [1].
Links:
------
[1] https://groups.google.com/d/optout
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
