On Dec 8, 2015 10:58 AM, "Maxim Surdu" <[email protected]> wrote: > > Allert is working fine! > In kibana the log is coming with 2015 Dec 08 17:45:20 > in mail alert is coming with 2015 Dec 08 07:45:20 > not 17:45 or 05:45 but 07:45 and this can be problematic >
Which one is correct? If the ossec alert is wrong, check the timezone file at /var/ossec/etc/localtime I'm not sure how to check the timezone of the kibana instance. > > > luni, 7 decembrie 2015, 12:09:40 UTC+2, Maxim Surdu a scris: >> >> Hi everyone, >> >> I am new in Ossec, i configure ossec-server and ossec agent, all is working formidable! >> but i need to create an alert to show me people who are logging outside working hours in my system server or agent >> for example my company working hours are Monday-Friday from 09.00 until 18.00 and i need to know who from my employers working after work-hours! >> >> Any help would be greatly appreciated >> >> Thanks, >> Maxim > > -- > > --- > You received this message because you are subscribed to the Google Groups "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
