[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ossec-list] Re: clear Ossec alert log
- To: ossec-list@xxxxxxxxxxxxxxxx
- Subject: [ossec-list] Re: clear Ossec alert log
- From: "Daniel Cid" <daniel.cid@xxxxxxxxx>
- Date: Wed, 10 Oct 2007 22:33:57 -0300
- Authentication-results: mx.google.com; spf=pass (google.com: domain of daniel.cid@xxxxxxxxx designates 209.85.132.240 as permitted sender) smtp.mail=daniel.cid@xxxxxxxxx; dkim=pass (test mode) header.i=@xxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=Ov9Oj627fdUeCeu3LH+0GzNpQ82Uc54zAvDmHz7R+aM=; b=i1JrwshwmBJGLVSsoTeZ/0Hg/ewr4/SuepD92R97Z80Ef0KP5m3mQUvU9zVFoYI109pCDC7yiTDr677WYIgOOFCHiwBraNvnN8uWAPYadGBjR8v8wYmjCmf0va1SlyY9HiQFfrJYs3Jl4DEol/P8whLjPlyHZ4znkROT3grA0mg=
Hi John,
To clear the file integrity history, just run:
$ /var/ossec/bin/syscheck_update -a
To delete all alerts, just remove the whole /var/ossec/logs/alerts/* directory:
$ rm -rf /var/ossec/logs/alerts/*
*Just make sure to stop ossec before doing that...
Hope it helps.
--
Daniel B. Cid
dcid ( at ) ossec.net
On 10/9/07, PKTan <jpktan@xxxxxxxxxxxx> wrote:
>
>
>
> Hi,
> Is there any easy way to reset the OSEEC_SERVER log entries ?
> I have been running the ossec for about a month, I want to start a fresh ossec server without re-install everything. I unregistered all the ossec agent from the server, but the old alerts, registry and files integrity history still in the system , anyway to clear everything without reinstalling ossec-server ?
>
>
> Thanks in advance
>
>
> regards
> John
> ________________________________
Yahoo! Movies - Search movie info and celeb profiles and photos.
OSSEC home |
Main Index |
Thread Index
OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.