ok, who can tell me how about the rest of linux machines? why is working just for one?
miercuri, 6 aprilie 2016, 23:57:16 UTC+3, Kat a scris: > > The windows systems do not have the same commands for looking at users. > Your commands for looking at both logged in and last, will only work on > *nix platforms. > > Kat > > On Wednesday, April 6, 2016 at 2:38:26 AM UTC-5, Maxim Surdu wrote: >> >> Hi dear community, >> >> i install and configure about 10 agents, and of course i have a lot of >> users, i need to monitoring when they are working or drink coffee >> >> in ossec_rules.xml >> >> i have next rules >> >> <rule id="534" level="1"> >> <if_sid>530</if_sid> >> <match>ossec: output: 'w'</match> >> <check_diff /> >> <options>alert_by_email</options> >> <description>List of logged in users. It will not be alerted by >> default.</description> >> </rule> >> >> <rule id="535" level="1"> >> <if_sid>530</if_sid> >> <match>ossec: output: 'last -n </match> >> <check_diff /> >> <options>alert_by_email</options> >> <description>List of the last logged in users.</description> >> </rule> >> >> i have linux and windows machines but mail is coming just from one >> machine(linux) how about the rest >> what i did wrong? >> >> i appreciate your help, and a lot of respect for developers and community! >> >> >> >> -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
