On 10 February 2015 at 11:42, shankey shankey.ci...@gmail.com wrote:
Hi Team,
Can I use OSSEC for FIM solution, to clear my PCI Audit, if yes, then help
me with the hardware requirement and installation procedure.
Regards
Shankey
On Tue, Feb 10, 2015 at 11:42 AM, shankey shankey.ci...@gmail.com wrote:
Hi Team,
Can I use OSSEC for FIM solution, to clear my PCI Audit, if yes, then help
me with the hardware requirement and installation procedure.
OSSEC's syscheck functionality provides some file integrity monitoring
On 10 February 2015 at 11:44, Kevin Wilcox kevin.wil...@gmail.com wrote:
On 10 February 2015 at 11:42, shankey shankey.ci...@gmail.com wrote:
Can I use OSSEC for FIM solution, to clear my PCI Audit, if yes, then help
me with the hardware requirement and installation procedure.
Sorry about
Hi Team,
Can I use OSSEC for FIM solution, to clear my PCI Audit, if yes, then help
me with the hardware requirement and installation procedure.
Regards
Shankey
Hi Dan,
Thanks very much for the reply.
I'll go on trying to figure out why we need to restart ossec. Hope to bring
soon the findings
Kind regards,
Jose Moreno
On Tuesday, 10 February 2015, 9:36:21 (UTC), Jose Moreno wrote:
Hi,
We are using CDB lists for a number of tasks, they
On 2015-02-10 11:45, Jose Moreno wrote:
Hi Dan,
Thanks very much for the reply.
I'll go on trying to figure out why we need to restart ossec. Hope to
bring soon the findings
Kind regards,
Jose Moreno
I have observed this behavior in the past as well. CDB is supposed to
not require a
2015-02-10 18:42 GMT+02:00 shankey shankey.ci...@gmail.com:
Hi Team,
Can I use OSSEC for FIM solution, to clear my PCI Audit, if yes,
Yes, it can act as fim.
then help me with the hardware requirement and installation procedure.
Err. Maybe you need to hire a consultant ..
--
Eero
--
Hi Team,
There are around 500 servers which need to be monitored through (Manager
OSSEC server); we would require all system and application logs for the
audit and compliance.
Based on that, can you suggest how I should go ahead?
It would be great if you could share the step-by-step process.
Hi,
We are using CDB lists for a number of tasks, they work fine but when a
list is updated, just running ossec-makelists won't make ossec-analysisd
take the new information into account, we need to restart OSSEC.
Is that the expected behaviour or is there a way to use a CDB list as a
Hi,
Installed and configured OSSEC 2.8.1 with 4 agents. Works fine. I need to
know how to enable OSSEC as a central logging system, so agent logs are stored
on servers.
I have configured logall but no luck.
On Tue, 10 Feb 2015, Mehul gajjar wrote:
Installed and configured OSSEC 2.8.1 with 4 agents. Works fine. I need to
know how to enable OSSEC as a central logging system, so agent logs are stored
on servers.
I have configured logall but no luck.
you have a hammer, so everything looks like a nail.
Hello,
Is it possible to define a profile based on name filtered by regex?
In documentation we have:
<agent_config name="agent1">
  <localfile>
    <location>/var/log/my.log</location>
    <log_format>syslog</log_format>
  </localfile>
</agent_config>
<agent_config os="Linux">
  <localfile>
help me please
On Monday, 9 February 2015, 16:53:37 UTC+3, dan (ddpbsd) wrote:
On Mon, Feb 9, 2015 at 8:13 AM, alex petrov allrea...@gmail.com wrote:
<rule id="700086" level="7">
  <if_sid>530</if_sid>
  <match>ossec: output: 'for /f tokens=3*</match>
Hi there!
I'm interested about this test too. Anyone maybe profile could fit your
needs ?
http://ossec-docs.readthedocs.org/en/latest/syntax/head_agent_config.html#options
Good read
https://groups.google.com/forum/#!topic/ossec-list/KKdsgYDiiks
On Tue, Feb 10, 2015 at 8:43 AM, alex petrov allreadypa...@gmail.com wrote:
help me please
Make sure there are changes between runs? Maybe increase the frequency
(10 is very small)?
I don't really have any ideas of what to look at, and I don't have any
systems to test this on.
Monday, 9
On Feb 10, 2015 7:57 AM, Daniel Calvo Castro
daniel.ca...@kernelsecurity.es wrote:
Hi again
These brackets are for emphasis, sorry for not clarifying this, but it
clearly looks like it is a regexp issue, I'm going to deal with it now
and I'll post if I'm able to solve it. Maybe some other
yes when I installed the agent on 10.9 series machines, I am able to import
the key and start the ossec but server ui is not showing them.
On Tuesday, 10 February 2015 17:54:15 UTC+5:30, narendra reddy wrote:
Hi Team,
I have configured Ossec-hids-2.7 on one of my AWS instances which has
On Tue, Feb 10, 2015 at 8:01 AM, dan (ddp) ddp...@gmail.com wrote:
On Feb 10, 2015 7:57 AM, Daniel Calvo Castro
daniel.ca...@kernelsecurity.es wrote:
Hi again
These brackets are for emphasis, sorry for not clarifying this, but it
clearly looks like it is a regexp issue, I'm going to deal
On Tue, Feb 10, 2015 at 8:06 AM, narendra reddy
narendrareddy.a...@gmail.com wrote:
yes when I installed the agent on 10.9 series machines, I am able to import
the key and start the ossec but server ui is not showing them.
But do the agents actually connect? You can use tcpdump on the manager
On Tue, Feb 10, 2015 at 7:00 AM, Ricardo Perre rjmpe...@gmail.com wrote:
Hello,
Is it possible to define a profile based on name filtered by regex?
In documentation we have:
<agent_config name="agent1">
  <localfile>
    <location>/var/log/my.log</location>
On Mon, Feb 9, 2015 at 3:42 PM, Ricardo Galossi chacalito2...@gmail.com wrote:
Hi Dan,
I installed ossec as local. Yeah, the AR configuration is default. The
daemon ossec-execd is running normally and the firewall is enabled. I made
tests with both versions of ossec 2.7 and 2.8.1 within the
Hi Team,
I have configured Ossec-hids-2.7 on one of my AWS instances which has 10.5
series ip, I am able to add 25+ agents from 10.5 series and tried adding
10.9 series agents however I am unable to see them on gui and not even
getting mails from 10.9 series.
I am able to ping or ssh to 10.9
On Tue, Feb 10, 2015 at 4:36 AM, Jose Moreno jmore...@gmail.com wrote:
Hi,
We are using CDB lists for a number of tasks, they work fine but when a list
is updated, just running ossec-makelists won't make ossec-analysisd take
the new information into account, we need to restart OSSEC.
Is
On Mon, Feb 9, 2015 at 5:13 PM, Glen Leeder glen.lee...@gmail.com wrote:
Thanks Dan,
I've changed my rsyslog format to IP addresses instead of hosts and all is
good.
I can't be sure, but it seems like you're confused. The log message:
Feb 9 19:19:53 myhostname gleeder: OSSEC-TESTER-RULE
Hi again
These brackets are for emphasis, sorry for not clarifying this, but it
clearly looks like it is a regexp issue, I'm going to deal with it now
and I'll post if I'm able to solve it. Maybe some other people are
dealing with this, any help would be really appreciated. It is a ticket
opened on
On Mon, Feb 9, 2015 at 4:23 PM, Daniel Calvo Castro
daniel.ca...@kernelsecurity.es wrote:
Just today I've been experiencing the same issues trying to get OSSIM + OSSEC
working with an asterisk box, I've followed this link [1], and trying to
enumerate users I'm able to correlate and fire mails
On Tue, Feb 10, 2015 at 7:09 AM, narendra reddy
narendrareddy.a...@gmail.com wrote:
Hi Team,
I have configured Ossec-hids-2.7 on one of my AWS instances which has 10.5
series ip, I am able to add 25+ agents from 10.5 series and tried adding
10.9 series agents however I am unable to see them