Hi all ,
I have ossec manager running on centos ,and two agents one of them is
running on windows 2008.
The active response work fine on centos agent but on windows server not
work automatically and work fine manually .
I hope to figure out the problem.
--
---
You received this message
,
31103,31104,31105,31106,31110,31109,31115,31151,31152,31153,31154,31161,31162,31163,31164,31165
/rules_id
timeout600/timeout
/active-response
On Thursday, May 14, 2015 at 4:43:16 PM UTC+2, dan (ddpbsd) wrote:
On Thu, May 14, 2015 at 10:22 AM, HMath h.i.yo...@gmail.com javascript:
wrote:
Hi all
another point, there are some system errors in windows machine I saw them
in log file in windows ossec
On Saturday, May 16, 2015 at 1:06:47 PM UTC+2, HMath wrote:
yes , I was getting alerts for them in the alert.log and some of them
emailed depending on the level.
another point
, May 17, 2015 at 3:36 AM, HMath h.i.yo...@gmail.com javascript:
wrote:
another point, there are some system errors in windows machine I saw
them in
log file in windows ossec
Errors could be bad.
I didn't check, but are you sure all of the rule IDs you added to the
AR
xxx.xxx.xxx.xxx the IP
appears
What is the problem in this case?
On Tuesday, May 26, 2015 at 11:06:57 AM UTC+2, HMath wrote:
I reinstalled the windows server , but the case is similar .
I have a question:
how ossec server knows the path of the file route-null.cmd existing on
windows agent in order
Thank you
On Monday, July 27, 2015 at 4:04:31 PM UTC+2, dan (ddpbsd) wrote:
On Jul 26, 2015 7:57 AM, HMath h.i.yo...@gmail.com javascript:
wrote:
Greetings,
I have updated ossec server to latest version , should I update it also
in all clients ?
They should be kept in sync
Thank you
On Monday, July 27, 2015 at 4:14:51 PM UTC+2, Eero Volotinen wrote:
Yes, you should update clients too.
Eero
26.7.2015 2.57 ip. HMath h.i.yo...@gmail.com javascript: kirjoitti:
Greetings,
I have updated ossec server to latest version , should I update it also
in all clients
Thank you
On Thursday, July 23, 2015 at 1:54:12 PM UTC+2, dan (ddpbsd) wrote:
On Jul 23, 2015 4:58 AM, HMath h.i.yo...@gmail.com javascript:
wrote:
Greetings,
I can see this alert on ossec server where this IP is NOT one of clients
.
What does this mean?
It looks like that ip
Greetings,
I have updated ossec server to latest version , should I update it also in
all clients ?
Thank you
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails from it, send an email
Greetings,
I can see this alert on ossec server where this IP is NOT one of clients .
What does this mean?
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
10 matches
Mail list logo