Windows 2012 logs missing


Rashad Mogsi

Jun 17, 2020, 9:15:30 AM
to ossec-list
I have installed OSSEM Server on ESXi and I can't receive any logs from the Windows server.
Are there any configurations I should do from the OSSEM or from the Windows so I can see the logs?

Can anyone answer?

dan (ddp)

Jun 17, 2020, 9:19:29 AM
to ossec...@googlegroups.com
On Wed, Jun 17, 2020 at 9:15 AM Rashad Mogsi <rashad...@gmail.com> wrote:
>
> I have installed OSSEM Server on ESXi and I can't receive any logs from the Windows server.
> Are there any configurations I should do from the OSSEM or from the Windows so I can see the logs?
>

OSSEM or OSSEC? I can't help you with OSSEM.
If you're using OSSEC, did you install the agent software on the Windows host?
Did you add the agent to the OSSEC server?


Rashad Mogsi

Jun 17, 2020, 9:26:31 AM
to ossec-list
First, thanks for the reply.
I did install the ossec-hids agent and it's active on the OSSEM server.
So I can't receive any logs in the OSSEM web.
So I want to know how to change the refresh rate of receiving logs from the server to the web interface GUI.


Thank you again for your attention.


dan (ddp)

Jun 17, 2020, 11:03:11 AM
to ossec...@googlegroups.com
On Wed, Jun 17, 2020 at 9:26 AM Rashad Mogsi <rashad...@gmail.com> wrote:
>
> First, thanks for the reply.
> I did install the ossec-hids agent and it's active on the OSSEM server.
> So I can't receive any logs in the OSSEM web.
> So I want to know how to change the refresh rate of receiving logs from the server to the web interface GUI.
>

You can check the /var/ossec/logs/alerts.log file on the OSSEC server
to see if the agent is triggering alerts.
If you turn on the logall option on the OSSEC server, you can check
/var/ossec/logs/archives/archives.log to make sure the agent is
sending logs to the OSSEC server.
I don't know enough about OSSEM to help with that though.

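The two checks suggested in the reply above (alerts log, then the archives log with logall turned on), as an added example that is not part of the original thread. The function names, the agent name `win2012`, the sample lines and the assumed entry header `YYYY Mon DD HH:MM:SS (agent-name) ip->location` are all constructed for illustration.

```shell
# Added example. Assumed entry header in both logs (constructed samples below):
#   YYYY Mon DD HH:MM:SS (agent-name) agent-ip->location ...

# count_agent_lines FILE AGENT: number of entries whose header names AGENT
count_agent_lines() {
    [ -r "$1" ] || { echo 0; return; }
    awk -v a="($2)" '$5 == a { n++ } END { print n + 0 }' "$1"
}

# last_seen FILE AGENT: timestamp of the newest entry from AGENT, or "never"
last_seen() {
    [ -r "$1" ] || { echo never; return; }
    awk -v a="($2)" '$5 == a { t = $1 " " $2 " " $3 " " $4 }
                     END { print (t == "" ? "never" : t) }' "$1"
}

# diagnose ARCHIVES ALERTS AGENT: report which stage of the pipeline is silent
diagnose() {
    if [ "$(count_agent_lines "$1" "$3")" -eq 0 ]; then
        echo "no-logs-received"        # agent not delivering events, or logall is off
    elif [ "$(count_agent_lines "$2" "$3")" -eq 0 ]; then
        echo "logs-received-no-alerts" # events arrive but no rule fires on them
    else
        echo "alerts-present"          # server side works; look at the front end
    fi
}

# Constructed sample data (not real logs); prints the directory holding it
make_samples() {
    dir=$(mktemp -d)
    cat > "$dir/archives.log" <<'EOF'
2020 Jun 17 09:14:02 ossec-server->/var/log/auth.log constructed local event
2020 Jun 17 09:15:30 (win2012) 10.0.0.5->WinEvtLog constructed event A
2020 Jun 17 09:16:10 (win2012) 10.0.0.5->WinEvtLog constructed event B
2020 Jun 17 09:17:00 (linux01) 10.0.0.9->/var/log/syslog constructed event C
EOF
    cat > "$dir/alerts.log" <<'EOF'
** Alert 1592399730.100: - constructed,
2020 Jun 17 09:15:30 (win2012) 10.0.0.5->WinEvtLog
Rule: 100001 (level 3) -> 'Constructed sample rule'
EOF
    echo "$dir"
}

# Demo on the constructed samples
d=$(make_samples)
echo "win2012: $(diagnose "$d/archives.log" "$d/alerts.log" win2012), last seen $(last_seen "$d/archives.log" win2012)"
rm -rf "$d"
```

On a real server, pass the archives and alerts log paths and the agent's registered name to `diagnose` instead of the sample files.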

Rashad Mogsi

Jun 18, 2020, 3:05:32 AM
to ossec-list
I will keep trying; maybe I can find the solution for it.
And thank you for your time.