[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] Re: windows logs

To: <ossec-list@xxxxxxxxxxxxxxxx>
Subject: [ossec-list] Re: windows logs
From: <ruurd@xxxxxxxxxx>
Date: Wed, 26 Jul 2006 17:00:25 +0200
Content-transfer-encoding: 7bit
Organization: secquard
Thread-index: AcawHgeeC/UDRcLbSxC4j92RK/UEFAApSBkg

Hi

We have a ossec server 0.9 running with several clients.
But the windows agents don't read from the eventlogs.
I tried editing the ossec.conf at the windows agent with the path directly
to the evnetlog something like:

<localfile>
	<log_format>system</log_format>
	<location>c:\windows\system32\conf\***.evt</location>
</localfile>

What is wrong did I missed something?

Can I see if something is wrong with the syscheck?

Thanks

Ruurd

Follow-Ups:
- [ossec-list] Re: windows logs
  - From: Daniel Cid

References:
- [ossec-list] Re: OSSEC Version 0.9 Available.
  - From: Daniel Cid

Prev by Date: [ossec-list] Re: gpg ?
Next by Date: [ossec-list] Re: windows logs
Previous by thread: [ossec-list] Re: OSSEC Version 0.9 Available.
Next by thread: [ossec-list] Re: windows logs
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.