Hi all ,
I have ossec manager running on centos ,and two agents one of them is
running on windows 2008.
The active response work fine on centos agent but on windows server not
work automatically and work fine manually .
I hope to figure out the problem.
--
---
You received this message
On Thu, May 14, 2015 at 10:22 AM, HMath h.i.youss...@gmail.com wrote:
Hi all ,
I have ossec manager running on centos ,and two agents one of them is
running on windows 2008.
The active response work fine on centos agent but on windows server not work
automatically and work fine manually .
First , sorry for my English
I am new to OSSEC
what happened is I was trying some attacks on iis on windows machine and
alerts are generated in ossec server , I have supposed that ossec will
block the attacking ip for 600 seconds, but that did not happen and when I
did manually by
Have you turned on logall
https://ossec-docs.readthedocs.org/en/latest/syntax/head_ossec_config.global.html
and looked in /var/ossec/logs/archives/archives.log to verify you aren’t
getting anything from the System and Application logs? It may be that you
simply aren’t getting any entries from
I have OSSEC 2.8.1 server installed on CentOS 7. I have OSSEC 2.8.1 agent
installed on a separate CentOS 6 box. The agent cannot connect to the
server and I do not understand why.
When the agent starts, I see this in the logs:
2015/05/14 15:35:11 ossec-agentd: INFO: Trying to connect to server
Hi!
I'm trying update ossec-agent key on windows via cli.
I have found, that wingui just make base64decode against key, received from
server, and write it to file ossec.keys.
If I'll repeate the same manually, is it enough for agent funtioning? Or I
miss something?
--
---
You received