Search found 61 matches
- Sun Nov 07, 2021 9:43 am
- Forum: OSSEC
- Topic: Installation does not open port 1514/tcp in host Fedora Server 33
- Replies: 1
- Views: 38052
Re: Installation does not open port 1514/tcp in host Fedora Server 33
Go into /var/ossec/etc/ossec.conf and locate <remote> verify that port is set to 1514. If it is not, set the port. Also go to <auth> and set port to 1515. Save the changes and then restart the ossec-hids process
- Thu Oct 28, 2021 4:14 pm
- Forum: OSSEC
- Topic: agent disconnect
- Replies: 1
- Views: 39137
Re: agent disconnect
Does the ossec.log show any prominent errors in regards to the affected agents?
- Thu Oct 28, 2021 4:13 pm
- Forum: OSSEC
- Topic: ossec+ and postgress
- Replies: 2
- Views: 40586
Re: ossec+ and postgress
Pleas try installing the following packages as well:
Code: Select all
sudo apt-get -y install libpq-devCode: Select all
sudo apt-get install postgresql-client postgresql-client-common- Tue Sep 28, 2021 9:16 am
- Forum: OSSEC
- Topic: Install problem
- Replies: 4
- Views: 47279
Re: Install problem
Extract pcre2-10.32.tar.gz to src/external.
Get it here: https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz
Get it here: https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz
- Wed Sep 08, 2021 8:59 am
- Forum: PHP Help and Discussion
- Topic: PHP 5.6 end of support
- Replies: 9
- Views: 77886
Re: PHP 5.6 end of support
Correct. CentOS 8 is out in December and CentOS 7 is good through 2024. You can however switch to Rocky Linux which is CentOS8 equivilent
- Thu Sep 02, 2021 8:02 am
- Forum: OSSEC
- Topic: agent disconnect
- Replies: 7
- Views: 58664
Re: agent disconnect
Good morning,
What errors do you see in the ossec.log?
What errors do you see in the ossec.log?
- Mon Aug 30, 2021 4:39 pm
- Forum: Atomicorp Free Modsecurity Rules
- Topic: New rules download page
- Replies: 4
- Views: 24442
Re: New rules download page
Yes, you can use aum. Have you tried changing your password? You can do so here or I can do so manually for you
https://www.atomicorp.com/amember/login
https://www.atomicorp.com/amember/login
- Tue Jul 06, 2021 9:58 am
- Forum: OSSEC
- Topic: How to configure ossec.conf in windows agent for directory/file monitoring
- Replies: 5
- Views: 15337
Re: How to configure ossec.conf in windows agent for directory/file monitoring
<directories check_all="yes">E:\.</directories>
The \ should be a / so can you give that a try please?
<directories check all="yes">e:/<directories>
The \ should be a / so can you give that a try please?
<directories check all="yes">e:/<directories>
- Thu Jul 01, 2021 2:51 pm
- Forum: OSSEC
- Topic: OSSEC Virtual Appliance
- Replies: 4
- Views: 12559
Re: OSSEC Virtual Appliance
Can you verify that kibana is running with ps ax | grep kibana
Also, if you could grep "kibana" /var/log/messages
to see if any errors occur there
Also, if you could grep "kibana" /var/log/messages
to see if any errors occur there
- Thu Jul 01, 2021 2:50 pm
- Forum: OSSEC
- Topic: After installing 3.6.0 it doesn't start due to Could not open file '/var/ossec/ossec-agent/etc/internal_options.conf'
- Replies: 4
- Views: 15857
Re: After installing 3.6.0 it doesn't start due to Could not open file '/var/ossec/ossec-agent/etc/internal_options.conf
So is everything working properly now?
- Thu Jul 01, 2021 12:13 pm
- Forum: OSSEC
- Topic: OSSEC Virtual Appliance
- Replies: 4
- Views: 12559
Re: OSSEC Virtual Appliance
Do you have an error output that you are seeing after having updated the Kibana service?
- Mon Jun 14, 2021 8:16 am
- Forum: Help with other free stuff
- Topic: Evereyone
- Replies: 3
- Views: 13683
Re: Evereyone
OSSEC supports sending diffs when changes are made to text files on Linux and unix systems. Configuring syscheck to show diffs is simple, add report_changes="yes" to the <directories option. For example: <syscheck> <directories report_changes="yes" check_all="yes">/etc<...
- Thu Jun 10, 2021 9:11 am
- Forum: Help with other free stuff
- Topic: Evereyone
- Replies: 3
- Views: 13683
Re: Evereyone
Yes! You will need to vim into /var/ossec/etc/ossec.conf and modify the file to include what directories you would like to watch: <!-- Directories to check (perform all possible verifications) --> <directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories> <directories check_all=&qu...
- Tue Jun 08, 2021 8:40 am
- Forum: OSSEC
- Topic: How do I connect OSSEC Server and Client together in Virtualbox?
- Replies: 4
- Views: 11305
Re: How do I connect OSSEC Server and Client together in Virtualbox?
Verify that you can ping the server box from the agent. A lot of times, when the HUB cannot detect the agent, it is because of either a firewall or a closed port.
Here are the documents for connecting agents to the HUB. https://www.ossec.net/docs/docs/manual/agent/index.html
Here are the documents for connecting agents to the HUB. https://www.ossec.net/docs/docs/manual/agent/index.html
- Fri May 28, 2021 5:44 pm
- Forum: OSSEC
- Topic: ERROR: Download failed with ERROR (6)
- Replies: 7
- Views: 16977
Re: ERROR: Download failed with ERROR (6)
If you would like to try changing the password for the account, you can do so here:
www.atomicorp.com/amember/login
Once changed, update the oum.conf directly and then try and run oum update
www.atomicorp.com/amember/login
Once changed, update the oum.conf directly and then try and run oum update