Re: [ossec-list] Wazuh install and mysql

Well I did some more googleing and figured out my problem. I had to delete all the agents and reinitialize them on the server and copy the new keys over to each agent via:

Re: [ossec-list] Wazuh install and mysql

Hi, I started over with the ossec-hids-2.8.3-3. I have been able to get the database working correctly, but I think my agents are messed up. I ran the ossec batch manager to recreate the keys and I ran /var/ossec/bin/manage_agents -i new key on each of the servers I want to monitor. I have

Re: [ossec-list] Does Ossec support MariaDB?

Right, yes. That was the part that I forgot. I installed mariadb but not mariadb-devel. Now it compiles without errors. Thank you! Natassia On Tuesday, December 13, 2016 at 4:20:44 AM UTC-8, Eero Volotinen wrote: > What Linux distribution you are using? > > you should install needed

Re: [ossec-list] remoted Dropping Events

On Tue, Dec 13, 2016 at 9:11 AM, Chris Decker wrote: > Victor, > > I'm at the point where my agents all have valid keys, so I'm unsure as to > why I have ~ 750 clients and only ~225 are reported as "active" at any one > time (all of the machines are alive and well, and

Re: [ossec-list] Non standard use case

Cliftyman, Have you looked into precompiled OSSEC agents to install on the hosts that you say you can't install OSSEC agent on? You can build a VM that has the needed modules to build the agent and then build the OSSEC agent and install it on the system that doesn't have the make and gcc on them.

Re: [ossec-list] Does Ossec support MariaDB?

On Mon, Dec 12, 2016 at 7:35 PM, wrote: > Hi, > > There hasn't been any action on this topic for over a year but it was never > answered and I'm running into the same issue. What libraries is it looking > for? Is there somewhere that I can look at, possibly edit the list? Why >

Re: [ossec-list] Email Alerts on Google Compute Instances

How about using local postfix for smarthost and configuring relay with it? -- Eero 2016-12-13 13:37 GMT+02:00 flippery_fish : > Hi, > > Google Compute Engine does not allow outbound connections on ports 25, > 465, and 587. > > As recommended by GCE, I have setup mailjet

[ossec-list] Re: Email Alerts on Google Compute Instances

OK, typical i find an answer just as i post, seems modifying sendmail.c is one option that will work for me, albeit need to be aware for upgrades. Would be good if an option to specify a port could be rolled into a future version. On Tuesday, December 13, 2016 at 11:40:23 AM UTC,

Re: [ossec-list] Email Alerts on Google Compute Instances

On Tue, Dec 13, 2016 at 6:37 AM, flippery_fish wrote: > Hi, > > Google Compute Engine does not allow outbound connections on ports 25, 465, > and 587. > > As recommended by GCE, I have setup mailjet on 2525 which works fine for > outbound mail relay. > > Is there a way to

[ossec-list] Email Alerts on Google Compute Instances

Hi, Google Compute Engine does not allow outbound connections on ports 25, 465, and 587. As recommended by GCE, I have setup mailjet on 2525 which works fine for outbound mail relay. Is there a way to send the OSSEC email notifications to send on specific port (i.e. in.mailjet.com:2525 in my

Re: [ossec-list] Does Ossec support MariaDB?

Hi, I have not used databases in OSSEC, but you can choose the type in the configuration: 192.168.2.30 ossecuser ossecpass ossec mysql In order to use databases, you must compile OSSEC with database support: # cd ossec-hids-* # cd src; make