Testing... and I copy-pasted an existing AR entry from my XML file which
had the correct comment format... :-(
On Wed, May 27, 2015 at 7:42 AM, Santiago Bassett <
santiago.bass...@gmail.com> wrote:
> Weird... Just curious, how did you figure it out?
>
> On Tue, May 26, 2015 at 10:29 AM, Xavier Me
Weird... Just curious, how did you figure it out?
On Tue, May 26, 2015 at 10:29 AM, Xavier Mertens wrote:
> FYI, my problem has been solved by reformating the comment in the
> section:
>
> Changed from:
>
>
> To:
>
>
> Bug?
>
> /x
>
> On Fri, May 22, 2015 at 3:22 AM, Santiago Bassett <
> sant
FYI, my problem has been solved by reformating the comment in the
section:
Changed from:
To:
Bug?
/x
On Fri, May 22, 2015 at 3:22 AM, Santiago Bassett <
santiago.bass...@gmail.com> wrote:
> Not sure if this is of any help, but try to run ossec-execd in debug mode
> and use -t to test the c
Not sure if this is of any help, but try to run ossec-execd in debug mode
and use -t to test the configuration. Maybe that way you can figure out
what is causing the issue.
On Thu, May 21, 2015 at 8:01 AM, Xavier Mertens wrote:
> Hi,
>
> I don't often write to the group (I'm following it closely
Hi,
I don't often write to the group (I'm following it closely) but today, I've
a question...
I'd like to trigger an Active-Response script on the _server_ for _any_
alert (ex with level > 10).
I don't want to deply the script on all agents.
At the moment, here is my active-response config (for o
