Hi Andries, I would suggest to use "lsof" tool and see if files are being read by ossec-logcollector process.
Best On Sun, Jul 19, 2015 at 10:44 AM, Andries Jansen <[email protected]> wrote: > Hello, > > Yes I've configured the log files for both log analysis and syscheck in > the ossec.conf and shared/agent.conf. But I've used some wildcards (*) in > the configuration and I want to be sure if all logfiles are monitored. > > So I thought if Ossec can show me a list of files that are monitored by > Ossec, then can checked to be sure. > > Op zaterdag 18 juli 2015 20:46:12 UTC+2 schreef theresa mic-snare: > >> hi, >> >> you mean as in log analysis or monitoring as in file integrity monitoring >> (syschecks) ?! >> actually everything should be defined in the ossec.conf if i'm not >> mistaken.... >> >> Am Samstag, 18. Juli 2015 15:38:05 UTC+2 schrieb Andries Jansen: >>> >>> Can I get a list of log files Ossec is monitoring? I've used some >>> wildcards and I want to know if Ossec is monitoring the right files. >>> >> -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
