On Wed, Oct 3, 2018 at 6:20 AM Judy Chen <[email protected]> wrote: > Hi > > Thanks for your feedback > > i checked my folder permission and should be OK > > [root@ip-10-23-207-85 ossec]# pwd > /var/ossec > [root@ip-10-23-207-85 ossec]# ls -ld queue > dr-xr-x---. 11 root ossec 6144 Sep 18 07:58 queue > > [root@ip-10-23-207-85 ossec]# cd queue/ > [root@ip-10-23-207-85 queue]# ls -ld ossec > drwxrwx---. 2 ossec ossec 6144 Sep 25 05:02 ossec > > [root@ip-10-23-207-85 queue]# cd ossec/ > [root@ip-10-23-207-85 ossec]# ls -ld queue > srw-rw----. 1 ossec ossec 0 Sep 25 05:02 queue > > is it possible relative kernel version? ossec-agent seem cannot send log > to server on Red Hat 4.8.3-9. but 4.4.35-33.55. is work (not sure it caused > by AWS AMI or other problem) >
I don’t know of any issues with the kernel versions. Check the audit log to see if something is being stopped. /var/log/audit I think > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
