[ossec-list] Re: ERROR: Queue '/var/ossec/queue/ossec/queue' not accessible: 'Destination address required'. On Solaris 10

On Wednesday, February 26, 2014 at 1:04:14 PM UTC-5, OsO Roñoso wrote: > > root@lenga # ls -las > total 4 >2 drwxrwx--- 2 root root 512 Feb 26 14:31 . >2 dr-xr-x--- 7 root root 512 Feb 25 18:26 .. >0 -rw-r--r-- 1 root root 0 Feb 25 18:34

Re: [ossec-list] Getting emails for level 2 alerts

On Thu, Aug 30, 2018 at 1:05 PM SternData wrote: > > I get a lot of emails for level 2 alerts, though I'm set for 7 as the cutoff > > etc/ossec.conf:7 > > Ideas? > Do these rules have the email option set in the rule definition? > -- > -- Steve > > -- > > --- > You received this message

Re: [ossec-list] OSSEC Upgrade to 3.0.0

I found today, that running ossec-control (any option) displays the version number at the top. I have also been on to Wazuh about getting their public repo updated with version 3.0.0 to eliminate this issue. On Thursday, 30 August 2018 12:14:34 UTC+1, dan (ddpbsd) wrote: > > On Wed, Aug 29,

Re: [ossec-list] PSAD rule include error

On Thu, Aug 30, 2018 at 4:11 AM Fredrik Hilmersson wrote: > > Hello, > > The ruleset psad_rules.xml which is included in the 3.0.0 version is not by > default included in the ossec.conf file. When i add the the include: > psad_rules.xml within the I get the following error: > > ossec-testrule:

Re: [ossec-list] OSSEC Upgrade to 3.0.0

On Wed, Aug 29, 2018 at 6:06 AM Chris wrote: > > Hi, > > I have upgraded OSSEC from 2.8.3 to 3.0.0 on my Ubuntu server, using the > install.sh from the expanded tar.gz. From what I can see this was successful > in running the upgrade, but as this was not an upgrade using the repo, as > version

Re: [ossec-list] Windows Active Response not firing

On Wed, Aug 22, 2018 at 8:35 PM wrote: > > Hello, > > I am trying a very basic active response which would terminate a powershell > process when it is created on a host (Windows 10) machine. > > I have a standalone SO configuration, with 3 OSSEC agents (V2.9) connected, > all Windows machines.

Re: [ossec-list] E-mail alert for login

On Wed, Aug 22, 2018 at 6:32 AM Dzenis Aslani wrote: > > Thanks Dan issue is solved :). Any idea why ossec cant be installed through > APT in Ubuntu i tried both manually and automaticaly and i got same error > "unable to correct problems you have held broken packages" > No clue, I don't deal

[ossec-list] PSAD rule include error

Hello, The ruleset psad_rules.xml which is included in the 3.0.0 version is not by default included in the ossec.conf file. When i add the the include: psad_rules.xml within the I get the following error: ossec-testrule: INFO: Reading local decoder file. rules_list: Category '1' not found.