not receiving alerts on email.
45 views
Skip to first unread message
siddharth jha
Jun 16, 2020, 7:21:52 AM6/16/20
to ossec-list
Hi,
I'm new in ossec and recently install OSSEC 3.6.0 on Ubuntu 18.04.04 server successfully.
also add some win. agent and i can see alerts on ossec web-ui but i'm not receiving any alerts on email.
need suggestion how should i configure alerts to get same over the email also .
Thanks
dan (ddp)
Jun 17, 2020, 8:23:42 AM6/17/20
to ossec...@googlegroups.com
Do you see any errors in your smtp server's logs (often /var/log/maillog)?
> --
>
> ---
> You received this message because you are subscribed to the Google Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/a9ff0723-17c0-4707-b53d-df1f0d4b96fbo%40googlegroups.com.
siddharth jha
Jun 19, 2020, 7:30:50 AM6/19/20
to ossec-list
yes i hv selected smtp as localhost.and using sendmail to do this process.
and getting msg in maillog
Jun 19 16:25:42 OssecVM sm-mta[25838]: 05GCIXFs019057: to=<na...@domain.co.in>, ctladdr=<root@localhost> (0/0), delay=2+22:37:09, xdelay=00:00:00, mailer=esm$$er=esmtp, pri=38460588, relay=mailstore1.secureserver.net., dsn=4.0.0, stat=Deferred$er=esmtp, pri=38460588, relay=mailstore1.secureserver.net., dsn=4.0.0, stat=Deferred
can you suggest something?
Thank You
On Wednesday, June 17, 2020 at 5:53:42 PM UTC+5:30, dan (ddpbsd) wrote:
On Tue, Jun 16, 2020 at 7:21 AM siddharth jha <siddha...@gmail.com> wrote:
>
> Hi,
>
> I'm new in ossec and recently install OSSEC 3.6.0 on Ubuntu 18.04.04 server successfully.
> also add some win. agent and i can see alerts on ossec web-ui but i'm not receiving any alerts on email.
> need suggestion how should i configure alerts to get same over the email also .
> Thanks
>
Did you configure the smtp server in /var/ossec/etc/ossec.conf?
Do you see any errors in your smtp server's logs (often /var/log/maillog)?
> --
>
> ---
> You received this message because you are subscribed to the Google Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ossec...@googlegroups.com.
Stefan Fuhrmann
Jun 19, 2020, 9:54:25 AM6/19/20
to ossec...@googlegroups.com
Ahoi,
your mail relay need authentication?
Can you
telnet mailstore1.secureserver.net 25
from ossec machine to the mail relay?
Stefan
Am 19.06.20 um 13:30 schrieb siddharth
jha:
To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/42dad815-132e-49d5-b159-aae10e48775eo%40googlegroups.com.
dan (ddp)
Jun 21, 2020, 10:15:16 AM6/21/20
to ossec...@googlegroups.com
On Fri, Jun 19, 2020 at 7:30 AM siddharth jha <siddha...@gmail.com> wrote:
>
> yes i hv selected smtp as localhost.and using sendmail to do this process.
> and getting msg in maillog
>
> Jun 19 16:25:42 OssecVM sm-mta[25838]: 05GCIXFs019057: to=<na...@domain.co.in>, ctladdr=<root@localhost> (0/0), delay=2+22:37:09, xdelay=00:00:00, mailer=esm$$er=esmtp, pri=38460588, relay=mailstore1.secureserver.net., dsn=4.0.0, stat=Deferred$er=esmtp, pri=38460588, relay=mailstore1.secureserver.net., dsn=4.0.0, stat=Deferred
>
> can you suggest something?
> Thank You
>
My guess would be some issue between your sendmail and secureserver,
>
> yes i hv selected smtp as localhost.and using sendmail to do this process.
> and getting msg in maillog
>
> Jun 19 16:25:42 OssecVM sm-mta[25838]: 05GCIXFs019057: to=<na...@domain.co.in>, ctladdr=<root@localhost> (0/0), delay=2+22:37:09, xdelay=00:00:00, mailer=esm$$er=esmtp, pri=38460588, relay=mailstore1.secureserver.net., dsn=4.0.0, stat=Deferred$er=esmtp, pri=38460588, relay=mailstore1.secureserver.net., dsn=4.0.0, stat=Deferred
>
> can you suggest something?
> Thank You
>
but I don't know how to set up either of those things.
>
>
> On Wednesday, June 17, 2020 at 5:53:42 PM UTC+5:30, dan (ddpbsd) wrote:
>>
>> On Tue, Jun 16, 2020 at 7:21 AM siddharth jha <siddha...@gmail.com> wrote:
>> >
>> > Hi,
>> >
>> > I'm new in ossec and recently install OSSEC 3.6.0 on Ubuntu 18.04.04 server successfully.
>> > also add some win. agent and i can see alerts on ossec web-ui but i'm not receiving any alerts on email.
>> > need suggestion how should i configure alerts to get same over the email also .
>> > Thanks
>> >
>>
>> Did you configure the smtp server in /var/ossec/etc/ossec.conf?
>> Do you see any errors in your smtp server's logs (often /var/log/maillog)?
>>
>> > --
>> >
>> > ---
>> > You received this message because you are subscribed to the Google Groups "ossec-list" group.
>> > To unsubscribe from this group and stop receiving emails from it, send an email to ossec...@googlegroups.com.
>> > To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/a9ff0723-17c0-4707-b53d-df1f0d4b96fbo%40googlegroups.com.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups "ossec-list" group.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/42dad815-132e-49d5-b159-aae10e48775eo%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages