Hi all,
I've been having this weird issue with OSSEC. I setup an agent in one
server, and things seem okay at first.
When I modify a file that is being monitored (/etc/passwd) I'd have to wait
a significant time for it to trigger an alert (unless I manually run the
syscheckd). So I went to
Just to add,
The messages are:
Level:
2 - Unknown problem somewhere in the system.
Rule Id:
1002 <http://www.ossec.net/doc/search.html?q=rule-id-1002>
On Friday, October 7, 2016 at 5:01:44 PM UTC+1, Yousif Johny wrote:
>
> Hi,
>
> I notice in the Web Interface that
I just removed it, as it seems the yum installation was crappy.
I just installed it now by compiling it from source, and I can see the
binary here.
On Thursday, October 6, 2016 at 4:58:20 PM UTC+1, Yousif Johny wrote:
>
> Hi,
>
> I just setup OSSEC and I'm trying to get it to ru
I used yum. I believe it was:
sudo yum install ossec-hids ossec-hids-server
On Thursday, October 6, 2016 at 4:58:20 PM UTC+1, Yousif Johny wrote:
>
> Hi,
>
> I just setup OSSEC and I'm trying to get it to run with MySQL.
>
> I followed the instructions in the documentati
That error was from the ossec.log (only thing there).
As for ossec-dbd, I've been searching for this but there's no binary with
that name under /var/ossec/bin.
On Thursday, October 6, 2016 at 4:58:20 PM UTC+1, Yousif Johny wrote:
>
> Hi,
>
> I just setup OSSEC and I'm trying to g
Hi,
I just setup OSSEC and I'm trying to get it to run with MySQL.
I followed the instructions in the documentation,
When I run :
/var/ossec/bin/ossec-control restart
I get:
ossec-dbd did not start correctly.
I'm running the OSSEC-server on a Centos.
Any suggestions?
Thank you.
--
How do you suggest I go about monitoring this?
Do you think the one you're using could be better for some reason for my
purpose?
Thank you.
On Thursday, October 6, 2016 at 3:31:27 PM UTC+1, Yousif Johny wrote:
>
> Dear mates,
>
> I'd really appreciate your help with the issue I'm
on the Web-gui of OSSEC.
Thank you.
On Thursday, October 6, 2016 at 3:31:27 PM UTC+1, Yousif Johny wrote:
>
> Dear mates,
>
> I'd really appreciate your help with the issue I'm having, trying to get
> an Agentless monitoring working.
>
> I installed OSSEC in CentOS, and
Dear mates,
I'd really appreciate your help with the issue I'm having, trying to get an
Agentless monitoring working.
I installed OSSEC in CentOS, and I'm trying to monitor a linux host using
the *ssh_integrity_check_linux* script.
I tested the script manually as follows: