Any thoughts on removing hybrid mode and then setting up output to syslog? Thus the provider still gets their OSSEC alerts how they currently receive them and we in turn get the same thing, but via syslog?
On Tuesday, February 3, 2015 at 10:56:15 AM UTC-5, dan (ddpbsd) wrote: > > On Tue, Feb 3, 2015 at 10:45 AM, John Luko <[email protected] > <javascript:>> wrote: > > Morning: > > > > We're receiving the following error when using hybrid mode: > > > > File not available, ignoring it: '/var/ossec/logs/alerts/alerts.log'. > > > > Happens after about three minutes of being on. I know there is a bug > > attached to this (#442 I believe), any progress on this? We're running > 2.7 > > so I don't know if upgrading to 2.8 would correct the issue? > > > > I don't see any updates in the issue on github. I know I wasn't able > to figure it out, and there didn't appear to be much interest in > fixing it. > > > Thanks! > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
