I tried to search previous post and documentation, but could not find
answer :( . Thanks as always for quick responses i get :)
I enabled notification yesterday on my ossec server, but it failed to sent
as i didn't give smpt_server option. Now, I want to force send email report
to verify my config is working. how can i do that?
here is my config ( changed email address/hostnames )
<ossec_config>
<global>
<email_notification>no</email_notification> <!-- i don't want email
notifications, just reports. I tried changing to 'yes' one time with no
luck. -->
<jsonout_output>yes</jsonout_output>
<smtp_server>relayhost.com</smtp_server>
<email_from>[email protected]</email_from>
</global>
<reports>
<category>rootcheck</category>
<title>Daily report: rootcheck </title>
<email_to>[email protected]</email_to>
</reports>
<reports>
<category>syscheck</category>
<title>Daily report: File changes</title>
<email_to>[email protected]</email_to>
</reports>
...... truncated.....
</ossec_config>
I tried running "/var/ossec/bin/ossec-monitord" after restarting
ossec-hids, but nothing in logs of ossec and mail .
Question:2
can i add multiple category with "," or "|", i could not find the answer
in docs
example: <category>rootcheck,syscheck</category>
Cheers,
ac
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
