ossec-syscheckd(1702): INFO: No directory provided for syscheck to monitor; Segmentation fault

i’m playing around with ossec 2.6. i’m trying to set up server for agentless monitoring of multiple linux boxes.

after installation [where i answered no for most of the question] i’ve run into the following problem:

pQd-ossec:/usr/src/ossec-hids-2.6# /opt/ossec/bin/ossec-control start
Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)...
OSSEC analysisd: Testing rules failed. Configuration error. Exiting.
Started ossec-maild...
Started ossec-execd...
Started ossec-analysisd...
Started ossec-logcollector...
Started ossec-remoted...
2011/12/28 16:39:57 ossec-syscheckd(1702): INFO: No directory provided for syscheck to monitor.
Segmentation fault

to make things work and not segfault on config generated by the installer i had to modify /opt/ossec/etc/ossec.conf and add:

  <syscheck>
      <directories check_all="yes">/etc</directories>
  </syscheck>

3 thoughts on “ossec-syscheckd(1702): INFO: No directory provided for syscheck to monitor; Segmentation fault

  1. I am using OSSEC for local network sucerity and i am finding it weary useful!I am aver that you have lots of questions about similar problems but i am left out of options so i need to ask you directly.I am building decoder and i am having problem with date format. Problem is in letter t in date format. so if you can advise me where to look or give me regex for this date format i would be greatly thankful.Thank you in advance.Gojko

Leave a Reply

Your email address will not be published. Required fields are marked *

(Spamcheck Enabled)