Help me to configure my router with ossec manager
On Wednesday, March 25, 2015 at 3:17:17 AM UTC+7, Nhen Panha wrote:
Hello sir!
Today, I would like to ask you the problem between configuration Ossec and
Cisco devices.
In cisco router and switch I config:
logging on
logging host
Hello everybody,
I try to configure OSSEC Agent on machine with Windows 2012 in order to
sending some events to OSSEC server (2.8.1).
In the ossec_config section in the agent is:
localfile
locationSecurity/location
log_formateventlog/log_format
/localfile
I want to send events with
2015-03-24 23:31 GMT+02:00 Nhen Panha panhan...@gmail.com:
Help me to configure my router with ossec manager
Do you really understand how cisco logging works? logging trap XXX sets
the log level of cisco to syslog.
Nevermind - I am going to try this.. and adapt it for Windows Audit
process logs.
http://blog.rootshell.be/2014/02/10/tracking-processesmalwares-using-ossec/
On Tuesday, March 24, 2015 at 10:55:47 AM UTC-7, Brent Morris wrote:
I'd like to create an application white list from Windows audit
Hello everybody,
I try to configure OSSEC Agent on machine with Windows 2012 in order to
sending some events to OSSEC server (2.8.1).
In the ossec_config section in the agent is:
localfile
locationSecurity/location
log_formateventlog/log_format
/localfile
I want to send events with
Try following settings on cisco (asa)
logging enable
logging trap notifications
--
Eero
2015-03-24 22:09 GMT+02:00 Nhen Panha panhan...@gmail.com:
Hello sir!
Today, I would like to ask you the problem between configuration Ossec and
Cisco devices.
In cisco router and switch I config:
Hello everybody,
I try to configure OSSEC Agent on machine with Windows 2012 in order to
sending some events to OSSEC server (2.8.1).
In the ossec_config section in the agent is:
localfile
locationSecurity/location
log_formateventlog/log_format
/localfile
I want to send events with
I use Cisco router
On Wednesday, March 25, 2015 at 3:17:17 AM UTC+7, Nhen Panha wrote:
Hello sir!
Today, I would like to ask you the problem between configuration Ossec and
Cisco devices.
In cisco router and switch I config:
logging on
logging host IP_OF_MY_OSSEC_SERVER
logging trap
Hello sir!
Today, I would like to ask you the problem between configuration Ossec and
Cisco devices.
In cisco router and switch I config:
logging on
logging host IP_OF_MY_OSSEC_SERVER
logging trap alerts
logging facility local7
In the Ossec manager:
in the file ossec.conf, I add
*eventchannel*
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit
I'd like to create an application white list from Windows audit logs.
I have some systems that are fairly static in nature. They only do one
thing, and I want to be alerted when they deviate from this behavior. An
example use case could be a Windows Embedded POS (no cheeky acronym
intended).
11 matches
Mail list logo