Re: [ossec-list] Last Keep Alive Information Storage place

2015-08-12 Thread horst knete
Thanks for clarifying this. After I synced agent-info, the last keep alive messages were the same on all hosts. On Monday, 10 August 2015 17:46:54 UTC+2, dan (ddpbsd) wrote: On Wed, Aug 5, 2015 at 3:44 AM, horst knete badun...@hotmail.de wrote: Hi, I wanted to ask

[ossec-list] Last Keep Alive Information Storage place

2015-08-05 Thread horst knete
Hi, I wanted to ask quickly where (I mean in terms of the ossec folder path) the information on the last keep alive of the agents is stored. Background: I set up an ossec failover cluster with shared network volumes (i.e. /var/ossec/queue/rootcheck, /var/ossec/queue/syscheck). Everything is

Re: [ossec-list] multiple thread support for ossec server?

2015-06-16 Thread horst knete
/ server load balancing?). Does anyone know a good case study about this? Thanks On Tuesday, 16 June 2015 14:36:47 UTC+2, Michael Starks wrote: On 06/16/2015 01:29 AM, horst knete wrote: Hey guys, while adding more and more ossec agents to our ossec server installation we are running

[ossec-list] multiple thread support for ossec server?

2015-06-16 Thread horst knete
Hey guys, while adding more and more ossec agents to our ossec server installation we are running into the issue that ossec-analysisd has a CPU consumption of about 85% and ossec-remoted of about 30% of a single CPU thread. We are running the ossec server, together with other

Re: [ossec-list] migrating ossec server - work involved?

2014-12-17 Thread horst knete
Did you ever find a solution to this? I'm afraid I also have to reinstall our ossec server in order to increase the max_agents setting and absolutely don't want to connect to every one of the 200 agents and restart or reauthenticate them. Thanks On Thursday, 21 March 2013 19:29:07 UTC+1

Re: [ossec-list] migrating ossec server - work involved?

2014-12-17 Thread horst knete
Recompiling on the same system would do the job, but in order to do that I have to uninstall ossec and compile it from source again, right? On Wednesday, 17 December 2014 14:13:42 UTC+1, dan (ddpbsd) wrote: On Wed, Dec 17, 2014 at 5:39 AM, horst knete badun...@hotmail.de wrote

Re: [ossec-list] migrating ossec server - work involved?

2014-12-17 Thread horst knete
Alright, thx for the advice, I'll try it. On Wednesday, 17 December 2014 14:44:45 UTC+1, dan (ddpbsd) wrote: On Wed, Dec 17, 2014 at 8:20 AM, horst knete badun...@hotmail.de wrote: Recompiling on the same system would do the job, but in order to do that I have to uninstall

[ossec-list] Very big syscheck queue - how to deal with it?

2014-12-08 Thread horst knete
Hey guys, we have an OSSEC server installation on Debian with about 210 Windows and Linux OSSEC clients in our network. Regarding syscheck, we literally have the default settings of ossec, which include a big part of the Windows registry and Windows directory as well as most linux

[ossec-list] Ossec can handle its integrity database

2014-12-01 Thread horst knete
Hey guys, today we encountered a very strange problem regarding our OSSEC installation. On the central OSSEC server, these messages appeared in the ossec.log: 2014/12/01 09:38:06 ossec-analysisd: Unable to open integrity file. Increase MAX_AGENTS. 2014/12/01 09:38:06 ossec-analysisd: Error

[ossec-list] Problems importing the client key on Windows Domain Controllers

2014-10-22 Thread horst knete
Hey guys, I really appreciate the work that the community does regarding the development of ossec. We are using the ossec Server/Agent structure in a productive way in our company, but we have the problem now that we can't import the client key of the ossec agent on Windows 2008+ domain

[ossec-list] Re: Problems importing the client key on Windows Domain Controllers

2014-10-22 Thread horst knete
Sorry, just forget my stupid post - I just found the client.keys file on the central ossec server and used this for the client.keys file on the agents and it worked. On Wednesday, 22 October 2014 15:10:53 UTC+2, horst knete wrote: Hey guys, I really appreciate the work

Re: [ossec-list] Problems importing the client key on Windows Domain Controllers

2014-10-22 Thread horst knete
] *On Behalf Of* horst knete *Sent:* Wednesday, October 22, 2014 9:11 AM *To:* ossec...@googlegroups.com *Subject:* [ossec-list] Problems importing the client key on Windows Domain Controllers Hey guys, I really appreciate the work that the community

Re: [ossec-list] OSSEC Agents cache Events if OSSEC Server is down nowadays?

2014-06-18 Thread horst knete
the ability to manage the configs of all agents from one server :/. But I think that's better than nothing. Cheers On Tuesday, 17 June 2014 16:40:04 UTC+2, Michael Starks wrote: On 2014-06-17 3:17, horst knete wrote: Hey Guys, we are implementing an OSSEC Installation in our Environment due

[ossec-list] Does an OSSEC Agent buffer/cache the logs if OSSEC Server is down nowadays?

2014-06-17 Thread horst knete
Hey Guys, we are implementing an OSSEC Installation in our Environment due to the great functionality of the System. We have Agents on both Linux and Windows and the Log Shipment is working fine. But as we tested what happens if the OSSEC Server goes down (i.e. for maintenance) the

[ossec-list] OSSEC Agents cache Events if OSSEC Server is down nowadays?

2014-06-17 Thread horst knete
Hey Guys, we are implementing an OSSEC Installation in our Environment due to the great functionality of the System. We have Agents on both Linux and Windows and the Log Shipment is working fine. But as we tested what happens if the OSSEC Server goes down (i.e. for maintenance) the