Yeap, I have an agent on the localhost; actually now that is the only
active one. Rest all are disconnected since
ossec-remoted is not running
On Tuesday, 11 April 2017 00:04:46 UTC+5:30, Felix Martel wrote:
>
> Perhaps this is way off base, but have you added an agent for localhost ?
> In my
I am running OSSEC on a Security Onion build Ubuntu 14.04.5 LTS.
The issue started after I added in more disk since I ran out of space in /
On Monday, 10 April 2017 23:52:07 UTC+5:30, Joshua Gimer wrote:
>
> Do you have SELinux running in an enforcing mode? What is the output of
> sestatus?
>
>
Perhaps this is way off base, but have you added an agent for localhost ?
In my context of a new install, a ton of issues went away after I added an
agent for the localhost (name=localhost, IP=127.0.0.1). Didn't export the
key or anything. Once I did that, my queue errors went away and my
DISREGARD - major faux pas on my part from previous... its' alert not
alerts table.(singular)
Alert table does exist, however the column "level" does not, i will create
it manually.
MariaDB [ossec]> describe alert;
+-+---+--+-+-+---+
| Field
MariaDB [(none)]> use ossec
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [ossec]> describe alerts;
ERROR 1146 (42S02): Table 'ossec.alerts' doesn't exist
MariaDB [ossec]>
the mysql
Do you have SELinux running in an enforcing mode? What is the output of
sestatus?
Josh
On Wed, Oct 12, 2016 at 8:58 AM, Kernel Panic
wrote:
> Really do not know, just installed it from repo and tried to start the
> service.
>
> Thanks
> Regards
>
> El martes, 11 de
I am getting the exact same error -
2017/04/10 18:03:02 ossec-remoted: Unable to open agent file. errno: 13
2017/04/10 18:03:02 ossec-remoted(1103): ERROR: Unable to open file
'/queue/rids/1024'.
how did you manage to get ossec-remoted back up and running?
On Wednesday, 12 October 2016
Looking at the database schema here:
https://github.com/ossec/ossec-hids/blob/master/src/os_dbd/mysql.schema
There is a column in the alerts table called level. I would do a describe
on your alerts table and make sure that it has all of the expected columns.
MySQL> use ossec; -- this should be
All has been running fine with 2.8.3 since mid 2016 - no issues at all.
Decided to update to 2.9 for some JSON functionality and after updating the
server we are encountering this error:
ossec-dbd(5203): ERROR: Error executing query 'INSERT INTO
>
Hi Martin,
please give us a clue: do you see any issue at the logs?
For example, when the agent switches to other server you should see logs
such:
ossec-agentd: INFO: Closing connection to server (10.0.0.1:1514).
ossec-agentd: INFO: Trying to connect to server (10.0.0.2:1514).
If the agent
10 matches
Mail list logo