Hello I am also a newbie and would like to know what are the setting's for this in OSSEC. Can you please post your sample config?
Thanks Chuck On Tuesday, October 31, 2017 at 7:21:39 AM UTC-4, dan (ddpbsd) wrote: > > On Tue, Oct 17, 2017 at 11:17 AM, Julia Vitoria Cardoso > <[email protected] <javascript:>> wrote: > > Hi guys. I am a newbie with OSSEC, trying to use primarily for file > > integrity check. > > > > So, the plan is: Ossec agent on server checks integrity, sends results > to > > Ossec server, that send alerts of checksum change with syslog to my SIEM > log > > server. But this one is listening in TCP port 514. According to docs, > the > > syslog output sends UTP Can i change it? > > > > You can send it to the local syslogd, and use that to forward the > messages via tcp to the siem. > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > -- ------------------------------ This email and any files transmitted with it are considered privileged and confidential unless otherwise explicitly stated otherwise. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. All email data and contents may be monitored to ensure that their use is authorized, for management of the system, to facilitate protection against unauthorized use, and to verify security procedures, survivability and operational security. Under no circumstance should the user of this email have an expectation of privacy for this correspondence. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
