Re: [ossec-list] Windows 2012 logs missing
I will keep trying maybe i can find the solution for it and thank you for your time On Wednesday, June 17, 2020 at 8:03:11 AM UTC-7, dan (ddpbsd) wrote: > > On Wed, Jun 17, 2020 at 9:26 AM Rashad Mogsi > wrote: > > > > first thx for the replay > > and i did install the ossec-hids -agent and its active on the ossem > server. > > so i cant receive any logs in the OSSEM WEB. > > so i want to know how to change refresh rate of reciving logs from the > server to WEB interface GUI. > > > > You can check the /var/ossec/logs/alerts.log file on the OSSEC server > to see if the agent is triggering alerts. > If you turn on the logall option on the OSSEC server, you can check > /var/ossec/logs/archives/archives.log to make sure the agent is > sending logs to the OSSEC server. > I don't know enough about OSSEM to help with that though. > > > > > Thank you again for your attention . > > > > On Wednesday, June 17, 2020 at 6:19:29 AM UTC-7, dan (ddpbsd) wrote: > >> > >> On Wed, Jun 17, 2020 at 9:15 AM Rashad Mogsi > wrote: > >> > > >> > i have installed OSSEM Server on Esxi and i can't receve any logs > form the Windows server . > >> > is there any configurations should i do from the OSSEM or from the > windows so i can see the logs > >> > > >> > >> OSSEM or OSSEC? I can't help you with OSSEM. > >> If you're using OSSEC, did you install the agent software on the > Windows host? > >> Did you add the agent to the OSSEC server? > >> > >> > any one can answer? > >> > > >> > -- > >> > > >> > --- > >> > You received this message because you are subscribed to the Google > Groups "ossec-list" group. > >> > To unsubscribe from this group and stop receiving emails from it, > send an email to ossec...@googlegroups.com. > >> > To view this discussion on the web visit > https://groups.google.com/d/msgid/ossec-list/a83de371-51aa-4cb8-9422-9c253698cf0bo%40googlegroups.com. > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to ossec...@googlegroups.com . > > To view this discussion on the web visit > https://groups.google.com/d/msgid/ossec-list/4e30c221-728d-4743-a2ab-914de0bb27e6o%40googlegroups.com. > > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/ccf3f0a4-7042-46ab-abe7-235761fafae5o%40googlegroups.com.
Re: [ossec-list] Windows 2012 logs missing
On Wed, Jun 17, 2020 at 9:26 AM Rashad Mogsi wrote: > > first thx for the replay > and i did install the ossec-hids -agent and its active on the ossem server. > so i cant receive any logs in the OSSEM WEB. > so i want to know how to change refresh rate of reciving logs from the server > to WEB interface GUI. > You can check the /var/ossec/logs/alerts.log file on the OSSEC server to see if the agent is triggering alerts. If you turn on the logall option on the OSSEC server, you can check /var/ossec/logs/archives/archives.log to make sure the agent is sending logs to the OSSEC server. I don't know enough about OSSEM to help with that though. > > Thank you again for your attention . > > On Wednesday, June 17, 2020 at 6:19:29 AM UTC-7, dan (ddpbsd) wrote: >> >> On Wed, Jun 17, 2020 at 9:15 AM Rashad Mogsi wrote: >> > >> > i have installed OSSEM Server on Esxi and i can't receve any logs form the >> > Windows server . >> > is there any configurations should i do from the OSSEM or from the windows >> > so i can see the logs >> > >> >> OSSEM or OSSEC? I can't help you with OSSEM. >> If you're using OSSEC, did you install the agent software on the Windows >> host? >> Did you add the agent to the OSSEC server? >> >> > any one can answer? >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google Groups >> > "ossec-list" group. >> > To unsubscribe from this group and stop receiving emails from it, send an >> > email to ossec...@googlegroups.com. >> > To view this discussion on the web visit >> > https://groups.google.com/d/msgid/ossec-list/a83de371-51aa-4cb8-9422-9c253698cf0bo%40googlegroups.com. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ossec-list/4e30c221-728d-4743-a2ab-914de0bb27e6o%40googlegroups.com. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/CAMyQvMqf%2Bc2z7spfeYo0AKxS9hYusncLprzE6GpOUh0KGwOsDA%40mail.gmail.com.
Re: [ossec-list] Windows 2012 logs missing
first thx for the replay and i did install the ossec-hids -agent and its active on the ossem server. so i cant receive any logs in the OSSEM WEB. so i want to know how to change refresh rate of reciving logs from the server to WEB interface GUI. Thank you again for your attention . On Wednesday, June 17, 2020 at 6:19:29 AM UTC-7, dan (ddpbsd) wrote: > > On Wed, Jun 17, 2020 at 9:15 AM Rashad Mogsi > wrote: > > > > i have installed OSSEM Server on Esxi and i can't receve any logs form > the Windows server . > > is there any configurations should i do from the OSSEM or from the > windows so i can see the logs > > > > OSSEM or OSSEC? I can't help you with OSSEM. > If you're using OSSEC, did you install the agent software on the Windows > host? > Did you add the agent to the OSSEC server? > > > any one can answer? > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to ossec...@googlegroups.com . > > To view this discussion on the web visit > https://groups.google.com/d/msgid/ossec-list/a83de371-51aa-4cb8-9422-9c253698cf0bo%40googlegroups.com. > > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/4e30c221-728d-4743-a2ab-914de0bb27e6o%40googlegroups.com.
Re: [ossec-list] Windows 2012 logs missing
On Wed, Jun 17, 2020 at 9:15 AM Rashad Mogsi wrote: > > i have installed OSSEM Server on Esxi and i can't receve any logs form the > Windows server . > is there any configurations should i do from the OSSEM or from the windows so > i can see the logs > OSSEM or OSSEC? I can't help you with OSSEM. If you're using OSSEC, did you install the agent software on the Windows host? Did you add the agent to the OSSEC server? > any one can answer? > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ossec-list/a83de371-51aa-4cb8-9422-9c253698cf0bo%40googlegroups.com. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/CAMyQvMq8wtJMXeJSv8aoa9kvHmyvDJVZ0ie8sUybeYui2FXhVg%40mail.gmail.com.
[ossec-list] Windows 2012 logs missing
i have installed OSSEM Server on Esxi and i can't receve any logs form the Windows server . is there any configurations should i do from the OSSEM or from the windows so i can see the logs any one can answer? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/a83de371-51aa-4cb8-9422-9c253698cf0bo%40googlegroups.com.
