On Tue, Sep 25, 2018 at 10:12 AM Fredrik Hilmersson
wrote:
>
> The reason why I'm wondering about the above is that my access log keep
> getting spammed by these scripts and rule 31151 doesn't seem to register the
> multiple 404's from same source ip.
>
> My question is shouldn't rule 31151 be
The reason why I'm wondering about the above is that my access log keep
getting spammed by these scripts and rule 31151 doesn't seem to register
the multiple 404's from same source ip.
My question is shouldn't rule 31151 be triggered i.e., by the example below?
Rule 31151 is set to:
Frequency
Hi all,
i'm trying to install OSSEC 3.0 (by RPM
http://www.ossec.net/docs/manual/installation/installation-package.html#rpm-installation)
on Centos7 but cannot start ossec-remoted
2018/09/25 04:41:07 ossec-syscheckd(1210): ERROR: Queue
'/var/ossec/queue/ossec/queue' not accessible: