[ossec-list] Re: Same old song ERROR: Unable to access queue: '/var/ossec/queue/ossec/queue

Yeap, I have an agent on the localhost; actually now that is the only active one. Rest all are disconnected since ossec-remoted is not running On Tuesday, 11 April 2017 00:04:46 UTC+5:30, Felix Martel wrote: > > Perhaps this is way off base, but have you added an agent for localhost ? > In my

Re: [ossec-list] Re: Same old song ERROR: Unable to access queue: '/var/ossec/queue/ossec/queue

I am running OSSEC on a Security Onion build Ubuntu 14.04.5 LTS. The issue started after I added in more disk since I ran out of space in / On Monday, 10 April 2017 23:52:07 UTC+5:30, Joshua Gimer wrote: > > Do you have SELinux running in an enforcing mode? What is the output of > sestatus? > >

[ossec-list] Re: Same old song ERROR: Unable to access queue: '/var/ossec/queue/ossec/queue

Perhaps this is way off base, but have you added an agent for localhost ? In my context of a new install, a ton of issues went away after I added an agent for the localhost (name=localhost, IP=127.0.0.1). Didn't export the key or anything. Once I did that, my queue errors went away and my

Re: [ossec-list] OSSEC upgrade from 2.8.3 to 2.9 RC5 DBD error

DISREGARD - major faux pas on my part from previous... its' alert not alerts table.(singular) Alert table does exist, however the column "level" does not, i will create it manually. MariaDB [ossec]> describe alert; +-+---+--+-+-+---+ | Field

Re: [ossec-list] OSSEC upgrade from 2.8.3 to 2.9 RC5 DBD error

MariaDB [(none)]> use ossec Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed MariaDB [ossec]> describe alerts; ERROR 1146 (42S02): Table 'ossec.alerts' doesn't exist MariaDB [ossec]> the mysql

Re: [ossec-list] Re: Same old song ERROR: Unable to access queue: '/var/ossec/queue/ossec/queue

Do you have SELinux running in an enforcing mode? What is the output of sestatus? Josh On Wed, Oct 12, 2016 at 8:58 AM, Kernel Panic wrote: > Really do not know, just installed it from repo and tried to start the > service. > > Thanks > Regards > > El martes, 11 de

[ossec-list] Re: Same old song ERROR: Unable to access queue: '/var/ossec/queue/ossec/queue

I am getting the exact same error - 2017/04/10 18:03:02 ossec-remoted: Unable to open agent file. errno: 13 2017/04/10 18:03:02 ossec-remoted(1103): ERROR: Unable to open file '/queue/rids/1024'. how did you manage to get ossec-remoted back up and running? On Wednesday, 12 October 2016

Re: [ossec-list] OSSEC upgrade from 2.8.3 to 2.9 RC5 DBD error

Looking at the database schema here: https://github.com/ossec/ossec-hids/blob/master/src/os_dbd/mysql.schema There is a column in the alerts table called level. I would do a describe on your alerts table and make sure that it has all of the expected columns. MySQL> use ossec; -- this should be

[ossec-list] OSSEC upgrade from 2.8.3 to 2.9 RC5 DBD error

All has been running fine with 2.8.3 since mid 2016 - no issues at all. Decided to update to 2.9 for some JSON functionality and after updating the server we are encountering this error: ossec-dbd(5203): ERROR: Error executing query 'INSERT INTO >

Re: [ossec-list] Redundancy manager (backup)

Hi Martin, please give us a clue: do you see any issue at the logs? For example, when the agent switches to other server you should see logs such: ossec-agentd: INFO: Closing connection to server (10.0.0.1:1514). ossec-agentd: INFO: Trying to connect to server (10.0.0.2:1514). If the agent