[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] Customizing Syscheck or something else...

To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] Customizing Syscheck or something else...
From: Reggie Griffin <regomatic@xxxxxxxxx>
Date: Wed, 19 Sep 2007 11:08:31 -0400
Authentication-results: mx.google.com; spf=pass (google.com: domain of regomatic@xxxxxxxxx designates 209.85.162.180 as permitted sender) smtp.mail=regomatic@xxxxxxxxx; dkim=pass (test mode) header.i=@xxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; bh=gRpwpYqLIzGgtbu8s7CoWdQi0q0r6bQrh05KY7fS1o8=; b=pIkO8eWbeFBLYaQbCPoaS4e8wAZOEs8gqooSJkcrzigfWzDYQSiraqVORHVXisVPOYuBk0yfOOJV1UJV5NYxXnuzNO150WJlQE+BQlhlVVzOqQW12Wxo1Fyxu3TwQps4P0iEOsPDey03apuj6CVJrCLOSAeIZDpcDb/qr/Uf9xw=

Hello,

I was wondering if there are any tutorials for customizing OSSEC to
check for processes running.
I would assume this could be done within the syscheck process, but I do
not see from the installation
instructions or within the config files where to add my own processes to
check for. It's fairly straightforward
to check for Windows processes, as I just add them to
win_applications_rcl.txt.



-Reggie

Prev by Date: [ossec-list] ossec logrotate
Next by Date: [ossec-list] No agent available
Previous by thread: [ossec-list] Re: ossec logrotate
Next by thread: [ossec-list] No agent available
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.