Re: [ossec-list] OSSEC Windows Client registration failed

this is what I already did, when I saw it's a permission problem. --> right click and Run as Administrator same effect :( Am Mittwoch, 23. September 2015 21:43:43 UTC+2 schrieb LostInThe Tubez: > > Before you go through the trouble of uninstalling/reinstalling, make sure > you are launching the

RE: [ossec-list] OSSEC Windows Client registration failed

Before you go through the trouble of uninstalling/reinstalling, make sure you are launching the agent manager by right clicking and ‘Run as Administrator.’ If you aren’t doing this then UAC may very well be blocking your access to client.keys and the conf file. The Windows Firewall does indeed c

Re: [ossec-list] OSSEC Windows Client registration failed

Thanks guys, I will try that. I currently don't have any access to the workstation (I'm at home) but I will give it a shot. Is the windows firewall by default enabled? Sorry, I don't have any windows know-howI'm only ever using *NIX based systems... what strikes me thoughto me it seems

Re: [ossec-list] OSSEC Windows Client registration failed

Please review your firewall, usually windows block the traffic And try to restart the service manually as well Rewards Enviado desde mi iPhone > El 23 sept 2015, a las 18:53, theresa mic-snare > escribió: > > Hi guys, > > > yesterday I wanted to install the windows client on a Win7 works

[ossec-list] Re: OSSEC Windows Client registration failed

We install the agent using a local administrator account without any problems on Win7 and other Windows OS's. Maybe uninstall and re-install this way if you haven't tried that already? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To un

[ossec-list] OSSEC Windows Client registration failed

Hi guys, yesterday I wanted to install the windows client on a Win7 workstation. The installation went fine, however the registration with the OSSEC master failed. Error that I got was: Which permissions does the config need on windows?

Re: [ossec-list] Merge EventChannel fix into 2.8?

> > I will attempt to build the binary tomorrow morning and do some testing... -Josh -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr.

Re: [ossec-list] File Edits on Agent Not Being Sent to Server

On Sep 23, 2015 10:32 AM, "James DeLeon" wrote: > > Just set up auto ignore, and restarted OSSEC on both the manager and client and this is now working properly. > > Two questions regarding auto_ignore, though: > > 1. If it's left on, how long does OSSEC ignore the file? I had been testing this fo

Re: [ossec-list] File Edits on Agent Not Being Sent to Server

Just set up auto ignore, and restarted OSSEC on both the manager and client and this is now working properly. Two questions regarding auto_ignore, though: 1. If it's left on, how long does OSSEC ignore the file? I had been testing this for just under 2 weeks, and edited the file more than 3 ti

[ossec-list] Splunk for OSSEC a

Hello people, On my Ossec server I have installed splunk and also the ossec app for splunk. I see now a nice dashboard, but if I look at the figures : if you look at signatures, you see n

Re: [ossec-list] File Edits on Agent Not Being Sent to Server

On Sep 23, 2015 9:23 AM, "James DeLeon" wrote: >> >> Has it ever worked? > > > Yes, I used to get the messages only when I had restarted the OSSEC on the agent after a file change, but it's no longer working. (After no changes to any of the configuration files or network.) > >> >> Is syscheckd run

Re: [ossec-list] File Edits on Agent Not Being Sent to Server

> > Has it ever worked? Yes, I used to get the messages only when I had restarted the OSSEC on the agent after a file change, but it's no longer working. (After no changes to any of the configuration files or network.) > Is syscheckd running on the agent? Yes, and it always starts up when

Re: [ossec-list] Re: Solaris 10 compile error

would be good to know...then I can create a symlink for the correct path do you know in which source file I could look? Am Mittwoch, 23. September 2015 15:02:25 UTC+2 schrieb dan (ddpbsd): > > > On Sep 23, 2015 8:59 AM, "theresa mic-snare" > wrote: > > > > by the way: > > > > I have found the

Re: [ossec-list] Re: Solaris 10 compile error

On Sep 23, 2015 8:59 AM, "theresa mic-snare" wrote: > > by the way: > > I have found the file opensslconf.h that is allegedly missing on my server... > it's located under: > /usr/sfw/include/openssl/opensslconf.h > > is the path maybe somewhere hardcoded, so that it's maybe looking in the wrong pl

[ossec-list] Re: Solaris 10 compile error

by the way: I have found the file opensslconf.h that is allegedly missing on my server... it's located under: /usr/sfw/include/openssl/opensslconf.h is the path maybe somewhere hardcoded, so that it's maybe looking in the wrong place? cheers, theresa Am Mittwoch, 23. September 2015 14:45:05 U

Re: [ossec-list] Solaris 10 compile error

On Wed, Sep 23, 2015 at 8:45 AM, theresa mic-snare wrote: > Hi everyone, > > I was just trying to compile OSSEC 2.8.2 on a Solaris 10 (SPARC) server, and > got the following error: > > *** Making os_crypto *** > > /opt/csw/bin/gcc -g -Wall -I../../ -I../../headers > -DDEFAULTDIR=\"/var/ossec\" -D

[ossec-list] Solaris 10 compile error

Hi everyone, I was just trying to compile OSSEC 2.8.2 on a Solaris 10 (SPARC) server, and got the following error: *** Making os_crypto *** /opt/csw/bin/gcc -g -Wall -I../../ -I../../headers -DDEFAULTDIR=\"/var/ossec\" -DCLIENT -DUSE_OPENSSL -DSOLARIS -DHIGHFIRST -DARGV0=\"blowfish_op\

[ossec-list] Overwriting an existing rule while bringing it to lower level and adding "ignore" option.

Rule file : syslog_rules.xml Original rule :- 5400 3 incorrect password attempts hmm Three failed attempts to run sudo I am trying to overwrite this rule with a custom rule in local_rules.xml, so that i don't need to re-update rules when ossec is re-installed. Rule file : local_r