On Fri, Dec 18, 2015 at 8:43 AM, Maxim Surdu <[email protected]> wrote: > > > Hi everyone, > > I am new in Ossec, i configure ossec-server and ossec agent, all is working > formidable! > but i want ossec or kibana show me all logs include logs level 0 and level 1 > i change my ossec.conf and i add code <logall>yes</logall>,
The <logall> option logs all events that OSSEC receives in /var/ossec/logs/archives/archives.log. It should not change which alerts are logged (to the best of my knowledge). > in the ossec stats i see what i have logs with levels 0 and 1 but do not show > me kibana or ossec this events. > Are the alerts in alerts.log? How are you pushing the logs to ELK? > > > > > > > > > > > > > > > > > Any help would be greatly appreciated > > Thanks, > Maxim > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
