Integration with MS SCCM
76 views
Skip to first unread message
Irshad Rahimbux
Jun 29, 2017, 1:00:53 AM6/29/17
to ossec-list
Dear Team,
All configuration has been done in ms-sccm.cfg [which was already available].
kindly advise.
Rgds.
I would like to integrate Microsoft SCCM with OSSIM.
All configuration has been done in ms-sccm.cfg [which was already available].
Logs are coming to /var/log/alienvault/agent.log but not to /var/ossec/logs/alerts/alerts.log
Any idea why and what I am doing wrong?
kindly advise.
Rgds.
dan (ddp)
Jun 30, 2017, 5:37:04 PM6/30/17
to ossec...@googlegroups.com
> kindly advise.
>
> Rgds.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Irshad Rahimbux
Jul 7, 2017, 8:10:21 AM7/7/17
to ossec-list
I have did all the configuration in ms-sccm.cfg [existing file in plugin folder].
But still dont see anything in alerts.log.
dan (ddp)
Jul 8, 2017, 1:50:33 PM7/8/17
to ossec...@googlegroups.com
On Fri, Jul 7, 2017 at 8:10 AM, Irshad Rahimbux
<irshadra...@gmail.com> wrote:
> I have did all the configuration in ms-sccm.cfg [existing file in plugin
> folder].
>
That must be an OSSIM thing. Unrelated to OSSEC.
<irshadra...@gmail.com> wrote:
> I have did all the configuration in ms-sccm.cfg [existing file in plugin
> folder].
>
> But still dont see anything in alerts.log.
>
Then look through the archives.log for log samples from SCCM
Reply all
Reply to author
Forward
0 new messages