ok, thanks Dan, it is in the 2.8.1 documentation and I was just asked this morning if I could configure it to alert via json...
I'll try 2.9 although I think my boss will want to wait until out of beta... so may have to wait for that On Tuesday, June 2, 2015 at 10:19:50 AM UTC-4, James Siegel wrote: > > I edit my /var/ossec/etc/ossec.conf on the server... the <global> > </global> section > > I add <jsonout_output>yes</jsonout_output> > > and restart my ossec server > > /var/ossec]# bin/ossec-control restart > Killing ossec-monitord .. > Killing ossec-logcollector .. > Killing ossec-remoted .. > Killing ossec-syscheckd .. > Killing ossec-analysisd .. > Killing ossec-maild .. > Killing ossec-execd .. > OSSEC HIDS v2.8 Stopped > Starting OSSEC HIDS v2.8 (by Trend Micro Inc.)... > OSSEC analysisd: Testing rules failed. Configuration error. Exiting. > > > once I remove that line in my global section it starts fine > it is only when I try adding json out that it appears to fail on me > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
