User Tools
сервис_ossec
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
сервис_ossec [2020/07/15 14:24] val [Сервис OSSEC] |
сервис_ossec [2020/07/21 09:36] (current) val [Просмотр отчетов] |
||
|---|---|---|---|
| Line 68: | Line 68: | ||
| ... | ... | ||
| </code> | </code> | ||
| + | ==== Контроль целостности файлов ==== | ||
| + | <code> | ||
| + | server# cat /var/ossec/etc/ossec.conf | ||
| + | </code><code> | ||
| + | ... | ||
| + | <syscheck> | ||
| + | <!-- Frequency that syscheck is executed (default every 2 hours) --> | ||
| + | <frequency>300</frequency> | ||
| + | <auto_ignore>no</auto_ignore> | ||
| + | <directories check_all="yes">/usr/local/sbin</directories> | ||
| + | ... | ||
| + | </code><code> | ||
| + | server# /var/ossec/bin/ossec-control restart | ||
| + | </code> | ||
| + | |||
| ==== Просмотр отчетов ==== | ==== Просмотр отчетов ==== | ||
| * [[https://www.ossec.net/docs/docs/programs/ossec-reportd.html|ossec-reportd]] | * [[https://www.ossec.net/docs/docs/programs/ossec-reportd.html|ossec-reportd]] | ||
| + | * [[https://www.ossec.net/docs/manual/output/reports-email-output.html|Daily E-Mail Reports]] | ||
| <code> | <code> | ||
| - | lan# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f level 1 | + | lan# cat /var/ossec/logs/alerts/alerts.log |
| + | |||
| + | lan# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f level 7 | ||
| + | |||
| + | lan# cat /var/ossec/logs/alerts/alerts.log | /var/ossec/bin/ossec-reportd -f group authentication -r user srcip | ||
| </code> | </code> | ||
сервис_ossec.1594812278.txt.gz · Last modified: 2020/07/15 14:24 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
