V
vamsi_k
Guest
FYI...
Installed OSSEC server version 2.6 in Cent OS 6.2 and agents are web servers
installed in chroot environment.
Moreover ossec server and apache (web servers are agents) are installed in separate machines.
In ossec.conf file, added below configuration in both server and agent.
<localfile>
<log_format>syslog</log_format>
<location>/chroot/site/usr/local/apache/logs/error_log</location>
</localfile>
Already in decoder.xml and in rules folder apache related configuration is set
by default.
Problem : Ossec is not working for apache logs, not even generating
mails related to Apache errors , rest of the ossec part is working as needed.
Please guide me what has to be done to solve the issue.
Installed OSSEC server version 2.6 in Cent OS 6.2 and agents are web servers
installed in chroot environment.
Moreover ossec server and apache (web servers are agents) are installed in separate machines.
In ossec.conf file, added below configuration in both server and agent.
<localfile>
<log_format>syslog</log_format>
<location>/chroot/site/usr/local/apache/logs/error_log</location>
</localfile>
Already in decoder.xml and in rules folder apache related configuration is set
by default.
Problem : Ossec is not working for apache logs, not even generating
mails related to Apache errors , rest of the ossec part is working as needed.
Please guide me what has to be done to solve the issue.