Curious how was that not working. Can you give some details? By default, it will send each line as a separated log message and we have rules to alert if any of the entries are over 95% utilization. Have the original running here on Centos 5,6 and 7 without any issues.
thanks, On Fri, Apr 15, 2016 at 6:15 AM, Robert Micallef <[email protected]> wrote: > For anyone who encounters this issue where disk usage alerts are not working > on Redhat 5, the issue is that in RHEL5 'df -h' output is multiline. > > You can easily fix it by modifying the ossec agent conf. Modify the 'df -h' > to 'df -Pkh' and add an alias. > > <localfile> > <log_format>command</log_format> > <command>df -Pkh</command> > <alias>df -h</alias> > </localfile> > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
