Re: [ossec-list] cant delete agent

2013-02-21 Thread Michael Barrett
Thanks Michael Barrett | Information Security Analyst - Lead | Mortgage Guaranty Insurance Corporation 270 E. Kilbourn Ave. | Milwaukee, WI 53202 USA | 1.414.347.6271 | 1.888.601.4440 | michael_barr...@mgic.com This message is intended for us

Re: [ossec-list] Suppressing noisy traffic in archives

2013-02-21 Thread dan (ddp)
On Thu, Feb 21, 2013 at 1:21 PM, ash kumar wrote: > Dan, > > I understand the intended function of the "logall" option. > > I interpreted the no_log to imply specific exclusion from > that. Since it clearly does not appear to do that, is it merely the > equivalent of level="0"? > That would be my

Re: [ossec-list] Suppressing noisy traffic in archives

2013-02-21 Thread ash kumar
Dan, I understand the intended function of the "logall" option. I interpreted the no_log to imply specific exclusion from that. Since it clearly does not appear to do that, is it merely the equivalent of level="0"? Ash PS: Are you able to use Logstash reliably? I gave up after numerous java

Re: [ossec-list] Suppressing noisy traffic in archives

2013-02-21 Thread dan (ddp)
On Thu, Feb 21, 2013 at 1:08 PM, ash kumar wrote: > I need to archive all logs, but am overwhelmed with pointless traffic such > as the one below. Since the suppression of the event involves a subcategory > and cannot automatically be done by Group Policy in a mixed (2003, 2008) > environment,

[ossec-list] Suppressing noisy traffic in archives

2013-02-21 Thread ash kumar
I need to archive all logs, but am overwhelmed with pointless traffic such as the one below. Since the suppression of the event involves a subcategory and cannot automatically be done by Group Policy in a mixed (2003, 2008) environment, I am exploring the option of suppressing it at the log

Re: [ossec-list] Troubleshooting: Alerts fire, but email not sent

2013-02-21 Thread Phil Cox
I figured it out. I had the alert set to a number below my email alert threshold. Phil On Wed, Feb 20, 2013 at 1:06 PM, Phil Cox wrote: > Is ossec-maild running? >> Does it try to send the email (you can use tcpdump or the email >> server's logs to find out)? >> >> > It is running. It does NOT

Re: [ossec-list] Re: Agentless error "timeout while running on host (too long to finish)"

2013-02-21 Thread dan (ddp)
On Thu, Feb 21, 2013 at 9:15 AM, wrote: > So which privilege level is the best to run the script? > > May I have to change this to get the wanted result? > > > > -- > I really don't have much experience with agentless, especially with Cisco products. Your best bet is to read through the script to

[ossec-list] Re: Agentless error "timeout while running on host (too long to finish)"

2013-02-21 Thread qwe19sd
So which *privilege level* is the best to run the script? May I have to change this to get the wanted result?

Re: [ossec-list] cant delete agent

2013-02-21 Thread dan (ddp)
On Thu, Feb 21, 2013 at 8:24 AM, Michael Barrett wrote: > > > Is it possible to just vi the client.keys file? > It is possible, it's a plain text file. Here's an example of a removed agent: 003 #*#*#*#*#*#*#*#*#*#*#638d2f2affc852245528f7ba749c57ee38aba

Re: [ossec-list] cant delete agent

2013-02-21 Thread Michael Barrett
Is it possible to just vi the client.keys file? Michael Barrett | Information Security Analyst - Lead | Mortgage Guaranty Insurance Corporation 270 E. Kilbourn Ave. | Milwaukee, WI 53202 USA | 1.414.347.6271 | 1.888.601.4440 | michael_barr...@

Re: [ossec-list] Agentless error "timeout while running on host (too long to finish)"

2013-02-21 Thread qwe19sd
I try to run the command manually on the router; it takes just a second to run it. It looks like that it locked in shows the router# but then it returns the error. Thanks for your help. On Tuesday, 19 February 2013 15:38:39 UTC+1, dan (ddpbsd) wrote: > On Tue, Feb 19, 2013 at 5:08 AM,

[ossec-list] Re: Agentless error "timeout while running on host (too long to finish)"

2013-02-21 Thread qwe19sd
I ask my colleague who set up an account on the router. This user is automatically in enable. Maybe this is the problem? Thanks for your advice

Re: [ossec-list] Cannot get agent profile working on windows (2nd try)

2013-02-21 Thread Андрей Шевченко
I tried to add a bad option and I see that it is not being picked up... Like in my example, I don't see anything related to options in specific agent profile. On Tuesday, 19 February 2013, 23:15:44 UTC+6, user dan (ddpbsd) wrote: > > On Mon, Feb 18, 2013 at 6:23 AM, Андрей Шевченко > >

Re: [ossec-list] Hybrid Killed Me?

2013-02-21 Thread Tony Perez
Hi Will, The idea for Hybrid configuration is so that if you have an environment that is very chatty you can offload your server. It allows you to process locally on the "agents" and push the alerts only to the "server". Another reason for this configuration would be if you had a network with multip