On Tue, Oct 17, 2017 at 11:17 AM, Julia Vitoria Cardoso <[email protected]> wrote: > Hi guys. I am a newbie with OSSEC, trying to use primarily for file > integrity check. > > So, the plan is: Ossec agent on server checks integrity, sends results to > Ossec server, that send alerts of checksum change with syslog to my SIEM log > server. But this one is listening in TCP port 514. According to docs, the > syslog output sends UTP Can i change it? >
You can send it to the local syslogd, and use that to forward the messages via tcp to the siem. > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
