Get list of files Ossec is monitoring


Andries Jansen

Jul 18, 2015, 9:38:05 AM
to ossec...@googlegroups.com
Can I get a list of log files Ossec is monitoring? I've used some wildcards and I want to know if Ossec is monitoring the right files.

theresa mic-snare

Jul 18, 2015, 2:46:12 PM
to ossec...@googlegroups.com
Hi,

You mean as in log analysis, or monitoring as in file integrity monitoring (syschecks)?!
Actually everything should be defined in the ossec.conf, if I'm not mistaken...

Andries Jansen

Jul 19, 2015, 1:51:36 PM
to ossec...@googlegroups.com
Hello,

Yes, I've configured the log files for both log analysis and syscheck in the ossec.conf and shared/agent.conf. But I've used some wildcards (*) in the configuration and I want to be sure that all log files are monitored.

So I thought if Ossec can show me a list of files that are monitored by Ossec, then I can check to be sure.


dan (ddp)

Jul 19, 2015, 1:53:51 PM
to ossec...@googlegroups.com


On Jul 19, 2015 1:51 PM, "Andries Jansen" <and...@jansen-cws.nl> wrote:
>
> Hello,
>
> Yes, I've configured the log files for both log analysis and syscheck in the ossec.conf and shared/agent.conf. But I've used some wildcards (*) in the configuration and I want to be sure that all log files are monitored.
>
> So I thought if Ossec can show me a list of files that are monitored by Ossec, then I can check to be sure.
>

The ossec.log usually has entries about which log files are being monitored, and the syscheck db has all the files syscheck has seen.


Santiago Bassett

Jul 24, 2015, 11:29:01 AM
to ossec...@googlegroups.com
Hi Andries,

I would suggest using the "lsof" tool to see if files are being read by the ossec-logcollector process.

Best

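The ossec.log check suggested in the thread, written out as an added example that is not part of any post or of OSSEC itself: it lists the files ossec-logcollector reported opening and then shows which files matching a wildcard on disk are missing from that list. The function names, the `Analyzing file` line format, the default `/var/ossec/logs/ossec.log` path and the sample log lines are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not OSSEC tooling). Assumes ossec-logcollector logs one line
# per file it opens, in the form:
#   ... ossec-logcollector(1950): INFO: Analyzing file: '/path/to/file'.
# and that ossec.log is at the default /var/ossec/logs/ossec.log.

# Print every path logcollector reported opening, sorted and de-duplicated.
ossec_monitored_logs() {
    awk -F"'" '/ossec-logcollector.*INFO: Analyzing file: / { print $2 }' \
        "${1:-/var/ossec/logs/ossec.log}" | sort -u
}

# Print files that match a wildcard on disk but never appear in ossec.log.
# Usage: ossec_unmonitored LOGFILE 'GLOB'   (quote the glob when calling)
ossec_unmonitored() {
    _log=$1
    _monitored=$(ossec_monitored_logs "$_log")
    # $2 is left unquoted on purpose so the shell expands the wildcard here.
    for _f in $2; do
        [ -f "$_f" ] || continue
        printf '%s\n' "$_monitored" | grep -Fxq -- "$_f" || printf '%s\n' "$_f"
    done
}

# Constructed sample: two files match the wildcard, the log mentions only one.
ossec_demo() {
    _d=$(mktemp -d) || return 1
    : > "$_d/app1.log"
    : > "$_d/app2.log"
    cat > "$_d/ossec.sample" <<EOF
2015/07/19 13:40:01 ossec-logcollector(1950): INFO: Analyzing file: '$_d/app1.log'.
2015/07/19 13:40:01 ossec-logcollector(1950): INFO: Analyzing file: '/var/log/auth.log'.
2015/07/19 13:40:02 ossec-syscheckd: INFO: Monitoring directory: '/etc'.
EOF
    ossec_unmonitored "$_d/ossec.sample" "$_d/app*.log" | sed 's#.*/##'
    rm -rf "$_d"
}

if [ "${1:-}" = demo ]; then ossec_demo; fi   # prints: app2.log
```

Paths containing spaces or single quotes are not handled by this comparison.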