Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!-- OSSEC example config -->
- <ossec_config>
- <client>
- <server-ip>192.168.190.20</server-ip>
- </client>
- <syscheck>
- <!-- Frequency that syscheck is executed -- default every 2 hours -->
- <frequency>60</frequency>
- <!-- Directories to check (perform all possible verifications) -->
- <directories report_changes="yes" check_all="yes" realtime="yes">/etc,/usr/bin,/usr/sbin</directories>
- <directories report_changes="yes" check_all="yes" realtime="yes">/bin,/sbin</directories>
- <directories report_changes="yes" check_all="yes" realtime="yes">/var/www</directories>
- <!-- Files/directories to ignore -->
- <ignore>/etc/mtab</ignore>
- <ignore>/etc/hosts.deny</ignore>
- <ignore>/etc/mail/statistics</ignore>
- <ignore>/etc/random-seed</ignore>
- <ignore>/etc/adjtime</ignore>
- <ignore>/etc/httpd/logs</ignore>
- </syscheck>
- <rootcheck>
- <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
- <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
- </rootcheck>
- <localfile>
- <log_format>syslog</log_format>
- <location>/var/log/messages</location>
- </localfile>
- <localfile>
- <log_format>syslog</log_format>
- <location>/var/log/authlog</location>
- </localfile>
- <localfile>
- <log_format>syslog</log_format>
- <location>/var/log/secure</location>
- </localfile>
- <localfile>
- <log_format>syslog</log_format>
- <location>/var/log/xferlog</location>
- </localfile>
- <localfile>
- <log_format>syslog</log_format>
- <location>/var/log/maillog</location>
- </localfile>
- <localfile>
- <log_format>apache</log_format>
- <location>/var/www/logs/access_log</location>
- </localfile>
- <localfile>
- <log_format>apache</log_format>
- <location>/var/www/logs/error_log</location>
- </localfile>
- </ossec_config>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement