On Jul 19, 2015 1:51 PM, "Andries Jansen" <and...@jansen-cws.nl> wrote:
>
> Hello,
>
> Yes I've configured the log files for both log analysis and syscheck in the ossec.conf and shared/agent.conf. But I've used some wildcards (*) in the configuration and I want to be sure if all logfiles are monitored.
>
> So I thought if Ossec can show me a list of files that are monitored by Ossec, then can checked to be sure.
>
The ossec.log usually has enteies about which log files are being mobitored, and the syscheck db has all the files syscheck has seen.
> Op zaterdag 18 juli 2015 20:46:12 UTC+2 schreef theresa mic-snare:
>>
>> hi,
>>
>> you mean as in log analysis or monitoring as in file integrity monitoring (syschecks) ?!
>> actually everything should be defined in the ossec.conf if i'm not mistaken....
>>
>> Am Samstag, 18. Juli 2015 15:38:05 UTC+2 schrieb Andries Jansen:
>>>
>>> Can I get a list of log files Ossec is monitoring? I've used some wildcards and I want to know if Ossec is monitoring the right files.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--