When I re-install new ossec manager and I run `tcpdump -i eth0 -nnXxevvvs 0 port 2514 and host 192.168.10.1`
It show message that: tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture site 65535 byte. so what does it mean? On Friday, February 6, 2015 at 9:11:33 AM UTC+7, Network Infrastructure wrote: > > I have configured OSSEC to monitor my ASA 5520 but I cannot see anything > > In ASA 5520, I enable syslog server to send syslog to my OSSEC > > > In OSSEC, the /var/ossec/etc/ossec.conf, I configed: > > <ossec_config> > > <remote> > <connection>syslog</connection> > <allowed-ips>IP_OF_CISCO_DEVICE</allowed-ips> > </remote> > <global> > <logall>yes</logall> > </global> > > </ossec_config> > > Then I restart ossec services but I cannot see anything. > > > Help me please ... > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.