Rob,
Just a tip
If you have virtual box or VMware, throw a Manager on their and use it to
test your rules and decoders. You can just paste the log into
ossec-logtest. It will sure save you a lot of heartache when
troubleshooting.
Hope that helps
On Monday, April 25, 2016 at 10:13:13 AM
Tahir,
There are two scans which run, depending on the size of your environment
this can take some time (in your case 30 min).
1) rootcheck
2) syscheck
This configuration is located in your ossec.conf:
79200
If you have changed the frequency or forced the scan and noticed it is
The website http://documentation.wazuh.com/en/latest/about.html should be
able to answer most of your questions. Its has instructions on the
installation processes.
On Tuesday, April 26, 2016 at 3:19:43 PM UTC-4, Dennis Golden wrote:
>
> Over the past several years, I have submitted diff's for
On Mon, May 2, 2016 at 10:49 AM, dan (ddp) wrote:
> On Mon, May 2, 2016 at 10:36 AM, Robert Micallef wrote:
>> Third time's the charm. Is PR #821 ok?
>>
>
> At a glance, I don't see the df changes in it. I'll try to take a
> better look in a bit.
>
The
On Mon, May 2, 2016 at 10:36 AM, Robert Micallef wrote:
> Third time's the charm. Is PR #821 ok?
>
At a glance, I don't see the df changes in it. I'll try to take a
better look in a bit.
>
> On Monday, May 2, 2016 at 4:15:55 PM UTC+2, dan (ddpbsd) wrote:
>>
>> On Mon, May
Third time's the charm. Is PR #821 ok?
On Monday, May 2, 2016 at 4:15:55 PM UTC+2, dan (ddpbsd) wrote:
>
> On Mon, May 2, 2016 at 10:12 AM, Robert Micallef > wrote:
> > I'm sorry about that. I never used github before. I didn't know P and h
> are
> > incompatible for
I'm sorry about that. I never used github before. I didn't know P and h are
incompatible for OpenBSD. But I think the rule should still work by just
modifying .
So how can I fix the PR? Do I close it and try opening it again? I cannot
find where to edit anything apart from the title.
On
Hi Dan,
Created PR #819. I hope I chose the correct branches..
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For
On Mon, May 2, 2016 at 9:57 AM, Robert Micallef wrote:
> Hi Dan,
>
> Created PR #819. I hope I chose the correct branches..
>
Thanks for submitting that, but I left a comment in the PR. New
changes should be against MASTER, and the "h" and "P" flags are
incompatible