[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] Re: ossec 0.9

To: <ossec-list@xxxxxxxxx>
Subject: [ossec-list] Re: ossec 0.9
From: "Miner, Jonathan W \(CSC\) \(US SSA\)" <jonathan.w.miner@xxxxxxxxxxxxxx>
Date: Fri, 4 Aug 2006 08:50:18 -0400
Content-class: urn:content-classes:message
Content-transfer-encoding: quoted-printable
Thread-index: Aca3wlwgDcLApplzTtycoj4dXk0zDAAASqPd
Thread-topic: [ossec-list] ossec 0.9




> 4. On Solaris, it may worth to include /var/adm/message to the
>    default monitor list.

I've been using it for about a week on two Solaris 9 machines.  One file that should be excluded is /etc/logadm.conf; the contents get rewritten with a datestamp every day.

I'm also having problems on the server with ossec-analysisd getting a segfault and crashing.  Haven't spent much time looking into this; ideas welcome, but I'll break out gdb and start debugging either later today or next.

> BTW, OSSEC is great. Easy to install and useful.

Definitely easy to install.  Any way for me to pre-compile binaries so that I can deploy OSSEC on machines that don't have compilers?  Can I simply copy the /var/ossec directory from one machine to another, then update the client keys?

THANKS!

Follow-Ups:
- [ossec-list] Re: ossec 0.9
  - From: Daniel Cid

References:
- [ossec-list] ossec 0.9
  - From: Martin Leung

Prev by Date: [ossec-list] Re: some questions
Next by Date: [ossec-list] Re: ossec 0.9
Previous by thread: [ossec-list] ossec 0.9
Next by thread: [ossec-list] Re: ossec 0.9
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.