|
To add…I did remark out within
ossec.conf, the line that would include the syslog_rules.xml. OSSEC did start
without errors. So – it is within this rule that
there is a problem. Thanks in advance for any help! Jason From:
ossec-list@xxxxxxxxxxxxxxxx [mailto:ossec-list@xxxxxxxxxxxxxxxx] On Behalf Of Jason Lehr Hello all – Newbie here! I am trying to get OSSEC running on a test AIX 5.3 box
before implementing into production. It looks like the install went fine until the very end when
it tries to start OSSEC. This is the output of what happens. # /var/ossec/bin/ossec-control start Starting OSSEC HIDS v1.3 (by Daniel B. Cid)... 2007/08/09 09:23:15 ossec-analysisd(1226): Error reading XML
file '/rules/syslog_rules.xml': XML ERR: Bad formed XML. Element not opened
(line 134). 2007/08/09 09:23:15 ossec-analysisd(1220): Error loading the
rules: 'syslog_rules.xml'. ossec-analysisd: Configuration error. Exiting I looked at line 134 of syslog_rules.xml. Figures
– blank line in-between rule id’s 2503 and 2504. I thought
maybe the space prior to </description> in rule id #2504 – but same
result. Any help would be appreciated! Thanks, Jason |