Enjoying getting to know ossec deeper than when I have used in the past.
Unfortunately, have run into an issue with realtime file integrity
checking. This also happens on other machines with 2.8 debian package or by
compiling from latest wazuh source or ossec-hids source. Have tried on
ubuntu 16.04 and 14.04.
With rootcheck disabled, realtime detection works instantly and without a
hitch, but with rootcheck enabled, I get sporadic results...alert is
delayed or does not occur at all.
I can see from strace of ossec-syscheckd that rootcheck gets quite busy
Is this a known issue? Thank you in advance...
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
For more options, visit https://groups.google.com/d/optout.