Re: [ossec-list] running processes without a binary on disk
> On Nov 13, 2019, at 6:17 AM, dan (ddp) wrote:
>
> On Thu, Nov 7, 2019 at 11:16 AM bill evergreen wrote:
>>
>> Hello list,
>>
>> does Ossec alert if there are processes running without a binary on disk?
>>
>> Thanks a lot for any feedback
>>
>
> I don't think there's any rules for this.
>
>> Bill
>>

I believe you can use Osquery for this. You can integrate Osquery with Wazuh.

Phil

--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/B9EFDD75-9EBD-42E9-98A4-C0F11EB11DB7%40gmail.com.
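Added example, not part of the original thread and not OSSEC, Wazuh or osquery code: on Linux, a process whose executable has been unlinked has a /proc/<pid>/exe link target ending in " (deleted)", and one started from an in-memory file has a target beginning with "/memfd:". The Python below scans for both; the function name and the proc_root parameter are assumptions made for this example. osquery exposes the same signal as the on_disk column of its processes table.

```python
"""Added example: list Linux processes whose executable is not on disk."""
import os

DELETED_SUFFIX = " (deleted)"  # appended by the kernel to unlinked exe targets


def find_processes_without_binary(proc_root="/proc"):
    """Return a list of (pid, exe_target, reason) for matching processes.

    proc_root is a parameter (an assumption of this example) so that a
    constructed directory tree can stand in for the real /proc in tests.
    """
    findings = []
    for entry in sorted(os.listdir(proc_root)):
        if not entry.isdigit():
            continue  # only numeric entries are processes
        exe_link = os.path.join(proc_root, entry, "exe")
        try:
            target = os.readlink(exe_link)
        except OSError:
            # Kernel threads have no exe link; other processes may be
            # unreadable without root, or may have exited mid-scan.
            continue
        if target.startswith("/memfd:"):
            reason = "memfd"  # image came from memfd_create, never on disk
        elif target.endswith(DELETED_SUFFIX):
            reason = "deleted"  # binary unlinked or replaced after exec
        else:
            continue
        findings.append((int(entry), target, reason))
    return findings


def main():
    for pid, target, reason in find_processes_without_binary():
        print(f"pid={pid} reason={reason} exe={target}")


if __name__ == "__main__":
    main()
```

Run it as root to see every process. Daemons still running after a package upgrade replaced their binary also show up as "deleted", so treat hits as leads to triage.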
Re: [ossec-list] running processes without a binary on disk
On Thu, Nov 7, 2019 at 11:16 AM bill evergreen wrote:
>
> Hello list,
>
> does Ossec alert if there are processes running without a binary on disk?
>
> Thanks a lot for any feedback
>

I don't think there's any rules for this.

> Bill
[ossec-list] running processes without a binary on disk
Hello list,

does Ossec alert if there are processes running without a binary on disk?

Thanks a lot for any feedback

Bill