Hi Daniel, sorry for late response. I don't know for real what is happening with your alerts but i'll keep giving you some advices, we'll see if we can make this work.
Maild read directly from alerts.log, search for "mail" flag and if it is present send the email, that means if your alerts is printing out into alerts.log file it should be sent by email. So, first try to locate the alert 10005 (or 100007) in your alerts.log file. Second, in your ossec.conf file between <email_alerts> tags include the following for better testing:* <do_not_delay /> and do_not_group* It is very important that the alert your looking to be send via email actually be present on alerts.log file. Good luck! Keep us up to date. El lunes, 23 de noviembre de 2015, 5:03:18 (UTC-8), Daniel Bray escribió: > > > On Monday, November 16, 2015 at 8:28:27 AM UTC-5, Daniel Bray wrote: >> >> With the updated alert_by_email settings, this has stopped the email >> alerts. I see it hitting the WebUI as alert level 2, but no emails are >> coming in. >> > > > Unfortunately, with everything put back to the default settings, this > issue remains. I'm seeing other issues with some filters as well. Not sure > what else to do. It must be a bad install or version I'm running. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
