Swati, I replied on the linked thread, so as to keep this one focused on the topic at hand.
Thanks -Josh On Monday, October 12, 2015 at 9:30:40 AM UTC-4, Swati wrote: > > Hi Josh, > > Will your fix going to rectify the issue that I reported here : > https://groups.google.com/forum/#!searchin/ossec-list/bookmarks/ossec-list/2NPMEfA6NLk/bSecI-CHAAAJ > > If so, is it possible to get hold of the binary. > > Kind Regards > Swati > > > On Saturday, 10 October 2015 12:15:01 UTC+1, DefensiveDepth wrote: > >> Creating the tmp dir and restarting services appeared to have fixed it. >> >> To be sure, I did a clean re-install and created the tmp dir prior to the >> eventchannel config--After startup, there are currently no bookmark errors. >> >> I also confirmed once again that the eventchannel logs are being parsed >> correctly. >> >> -Josh >> >> On Friday, October 9, 2015 at 8:16:51 PM UTC-4, SoulAuctioneer wrote: >>> >>> Are there errors in the OSSEC log after you create the tmp directory in >>> the OSSEC directory and restart everything? >>> >>> Looks like the installer needs the following: >>> >>> >>> https://github.com/ossec/ossec-hids/blame/master/src/win32/ossec-installer.nsi#L146 >>> >>> https://github.com/ossec/ossec-hids/blame/master/src/win32/ossec-installer.nsi#L422 >>> >>> https://github.com/ossec/ossec-hids/blame/master/src/win32/ossec-installer.nsi#L438 >>> >>> Some Procmon errors like "Name Not Found" can probably be expected when >>> things first start up since OSSEC will try to ascertain if a bookmark file >>> exists but that shouldn't result in an error in the OSSEC logs. >>> >> -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
