Also it might help to run "lsof /etc/openvpn/log/openvpn.log" to confirm ossec-logcollector process is reading that file. As well check that the logs are written in syslog format.
On Wed, Apr 1, 2015 at 5:48 AM, dan (ddp) <[email protected]> wrote: > On Wed, Apr 1, 2015 at 8:38 AM, <[email protected]> wrote: > > Hello Dan, > > > > sorry, this is the correct format: > > > > > > <localfile> > > <log_format>syslog</log_format> > > <location>/etc/openvpn/log/openvpn.log</location> > > </localfile> > > > > > > > > the ossec services has been started (without any errors), but still I > dont > > get any messages relating to the openvpn log, > > I double checked the file and it was generating messages after I > restarted > > ossec > > does ossec look only for erros and discard other information? > > > > No, it should send all log messages the agent receives. Double check > the archives.log file for the log messages, and check the ossec.log on > the agent for errors concerning openvpn.log. > > > > > On Wednesday, April 1, 2015 at 2:33:49 PM UTC+2, [email protected] > wrote: > >> > >> well I will test this and let you know. > >> > >> thx Dan !! > >> > >>> > > -- > > > > --- > > You received this message because you are subscribed to the Google Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
