Login or Register to Ask a Question and Join Our Community


Red Hat

Regding OSSEC

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat Regding OSSEC
# 1  
Old 05-07-2012
Regding OSSEC
FYI...

Installed OSSEC server version 2.6 in Cent OS 6.2 and agents are web servers

installed in chroot environment.

Moreover ossec server and apache (web servers are agents) are installed in separate machines.


In ossec.conf file, added below configuration in both server and agent.

<localfile>
<log_format>syslog</log_format>
<location>/chroot/site/usr/local/apache/logs/error_log</location>
</localfile>


Already in decoder.xml and in rules folder apache related configuration is set

by default.


Problem : Ossec is not working for apache logs, not even generating


mails related to Apache errors , rest of the ossec part is working as needed.

Please guide me what has to be done to solve the issue.
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Cybersecurity

Not being able to run SYSCHEKD in OSSEC local (HIDS)

I am newbee to OSSEC. My objective is to install OSSEC in a ubuntu 10.04 server, configure it and then install rootkits, tamper files and then scan for possible notification and alerts. BUT I tired and then changed few setting in ossec.conf but its nearly similar to default setting. After... (1 Reply)
Discussion started by: metalaarif
1 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

bup-web

bup-ftp(1)						      General Commands Manual							bup-ftp(1)

NAME

       bup-web - Start web server to browse bup repositiory

SYNOPSIS

       bup web [[hostname]:port]

DESCRIPTION

       bup web	starts	a web server that can browse bup repositories.	The file hierarchy is the same as that shown by bup-fuse(1), bup-ls(1) and
       bup-ftp(1).

       hostname and port default to 127.0.0.1 and 8080, respectively, and hence bup web will only offer up  the  web  server  to  locally  running
       clients.  If you'd like to expose the web server to anyone on your network (dangerous!) you can omit the bind address to bind to all avail-
       able interfaces: :8080.

EXAMPLE

	      $ bup web
	      Serving HTTP on 127.0.0.1:8080...
	      ^C

	      $ bup web :8080
	      Serving HTTP on 0.0.0.0:8080...
	      ^C

SEE ALSO

       bup-fuse(1), bup-ls(1), bup-ftp(1), bup-restore(1)

BUP

       Part of the bup(1) suite.

AUTHORS

       Joe Beda <jbeda@gmail.com>.

Bup unknown-																bup-ftp(1)