Confirmed, this works.
Thank you!
On Friday, 21 October 2016, dan (ddp) <ddp...@gmail.com> wrote:
> On Fri, Oct 21, 2016 at 6:38 AM, Herman Harperink
> <herman.harper...@gmail.com <javascript:;>> wrote:
> > I've been testing this, doesnt work.
> &
I've been testing this, doesnt work.
On Wednesday, October 19, 2016 at 6:25:33 PM UTC+2, Herman Harperink wrote:
>
> Due to some other obligations I am unable to spen much time on this atm.
> Thanks for your efforts. I might have some time tomorrow, if I am able to
> complete my
Due to some other obligations I am unable to spen much time on this atm. Thanks
for your efforts. I might have some time tomorrow, if I am able to complete my
current task :-)
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe
That didn't work. Have to try something else.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options,
>
> Been testing a little more with this. With all all
> agents get updated, except for the server. On the server AR just does not
> work like that.
>
Offcourse, with local it works on the server.
So, when you want to protect all your agents from the same attackers,
you'll be left with a
host-deny
all
6
86400
firewall-drop
all
6
86400
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Posted two times here, don't see my posts. Please ignore / delete.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
I've found that AR is working on my agents, but not on my server. AR is set to
ALL on my server.
Did I miss something?
Version 2.8.3 on Debian. AR log on the server is empty, but not on my agents.
Should I have installed the server in hybrid mode?
Thanks.
--
---
You received this message
Hi,
It seems to me that active response doesn't work on the Ossec server as soon as
you add an agent. I can't find any docs on this. Is this normal, should the
Ossec server run in hybrid mode to get this working?
I've tested this with 2.8.3. After installing the server AR did work on the
I know that, but maybe somebody know a way around that. Thats why I
ask.There is always a way, and I will find it :-)
Thanks.
On Wed, Aug 3, 2016 at 4:16 PM, dan (ddp) <ddp...@gmail.com> wrote:
> On Wed, Aug 3, 2016 at 9:07 AM, Herman Harperink
> <herman.harper...@gmail.com>
Hi all,
Can somebody hint me in the right direction on this?
I have two dynamic hosts with a ddns hostname and I don't want those to trigger
events. But I can't find a way to do that anywhere.
Thanks in advance.
Herman
--
---
You received this message because you are subscribed to the
Got it running with the following:
31530
web-accesslog
zabbix/zabbix.php
Ignore all zabbix views
This is fun :-)
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails
Hi all, and thanks for reading.
I am new to ossec, however, I've got my system up and running without any
problems. Now I have to finetune it for my network, and here is where my
troubles start.
I am getting alerts that I need to ignore. Most local rules work fine, but
one alert is giving me
Thanks from Germany too, 2 years later :-) I ran into the same problem
today but got it fixed thanks to this thread.
On Wednesday, January 8, 2014 at 3:29:25 PM UTC+1, dan (ddpbsd) wrote:
>
> On Wed, Jan 8, 2014 at 5:17 AM, Georg Schönberger
> wrote:
> > Am Mittwoch, 8.
14 matches
Mail list logo