Avatar

mmurphy

  • Total activity 17
  • Last activity
  • Member since
  • Following 0 users
  • Followed by 0 users
  • Votes 0
  • Subscriptions 9

Activity overview

Latest activity by mmurphy
  • Avatar

    mmurphy created an article,

    How to Capture System Logs/Syslog for 1002 Alerts

    1. In the UI go to Settings > ASL Configuration > Host Intrusion Detection System >Enable Full Log retentionHIDS_ARCHIVE_ALLBy default ASL only retains Alert logs, enabling this will archive all lo...

  • Avatar

    mmurphy created an article,

    Update to New User Interface

    Atomic Enterprise OSSEC v5.5 Installation Download and run the Atomic Enterprise OSSEC Beta installer by running the following command as root: wget -q -O - https://updates.atomicorp.com/install...

  • Avatar

    mmurphy created an article,

    High CPU load

    There are ways to reduce some of the CPU load from services such as analysisd, syscheckd, mysql and the openscap scan in OSSEC. Analysisd receives the log messages and compares them to the rules. I...

  • Avatar

    mmurphy created an article,

    GUI Not Initializing

    This can happen for a number of different reasons. The key is to make sure the server has proper hardware specs along with checking the logs for errors. Sending us data points from the troubleshoot...

  • Avatar

    mmurphy created an article,

    Manually Deleting Agents from AEO

    This article provides steps on how to remove an agent from the AEO Manager. Step 1: Use the manage agents service to remove the agent from the Manager. Provide the ID of the agent you want to remov...

  • Avatar

    mmurphy created an article,

    HTTP request sent, awaiting response... 401 Authorization Required

    This can mean: The license manager username and/or password is incorrect and you need to configure ASL to use the correct credentials. The username and/or the password is incorrect and you need to...

  • Avatar

    mmurphy created an article,

    Adding a Hostname or IP to the Dynamic White List in ASL

    In order to add a hostname or IP to the dynamic whitelist, you must first add the hostname or IP in the file: /etc/asl/dyn-whitelist. This can be done via the command line on your server. You will ...

  • Avatar

    mmurphy created an article,

    Distributed_update remote fail

    2 302 Core::distributed_update remote fail: E_CONNECT 28 .. www3.atomicorp.com/channels/rules/VERSION  3 301 Core::check_versions ASL Version list could not be retrieved.    If you see errors such ...