Scott, We have various VLANs and even before Agent registers with Server, we may face some connection problems and we need to identify those.
On Mon, 25 Mar 2019 at 17:58, Scott R. Shinn <[email protected]> wrote: > You could have ossec monitor ossec.log like it does with active- > responses.log. You'd just have to write rules for it, or barring that > turn on archives.log > > -Scott > > On Mon, 2019-03-25 at 08:02 -0400, dan (ddp) wrote: > > On Fri, Mar 22, 2019 at 12:01 PM YoYo <[email protected]> wrote: > > > Hi All, > > > > > > We are planning to deploy the HIDS agent in large network (say 10k > > > servers). > > > > > > I need to track the agent installation, key registration & startup > > > failure. > > > > > > Is there any way to send AGENT's logs/ossec.log to some external > > > syslog server or to the server configured syslog.conf? > > > > > > Is there any way to achieve this in Agent side or some work around > > > to do this? > > > > > > > The agent doesn't have any built-in way to do this. > > You could use your syslog daemon to read the file and forward the > > logs. I'm pretty sure rsyslogd can do this, not sure about the > > others. > > > > > Apologies if it is a duplicate discussion. I couldn't able to find > > > one. > > > > > > Thanks in advance. > > > > > > Thanks & Regards, > > > Vijay. > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the Google > > > Groups "ossec-list" group. > > > To unsubscribe from this group and stop receiving emails from it, > > > send an email to [email protected]. > > > For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- Cheers, Vijay. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
