Hi,
I've got a problem about syscheck for C:\Windows\system32\drivers\testPTS with ossec agent 3.6.0 installed on Windows Server 2012 R2 using rules:
<directories realtime=yes check_all=yes>%WINDIR%/system32/drivers/testPTS</directories>, because agent ossec has a error in logs :
ssec-syscheckd: WARN: Error opening directory: 'C:\windows\system32\drivers\testPTS: No such file or directory
ossec agent error for directories C:\Windows\system32\drivers\testPTS
Re: ossec agent error for directories C:\Windows\system32\drivers\testPTS
Error opening directory: 'C:\windows\system32\drivers\testPTS: No such file or directory
This is saying the testPTS directory does not exist. It could also be that ossec does not have permissions to it.
This is saying the testPTS directory does not exist. It could also be that ossec does not have permissions to it.