[osiris] Re: Multiple scan configs for a single host
Jolly
Jolly at AJollyLife.com
Fri Mar 2 14:12:27 EST 2007
I'll try that out - if not, I will recompile and install multiple
OsirisD agents on each box.
Thanks for your help!
Apneet Jolly
-----Original Message-----
From: osiris-bounces+jolly=ajollylife.com at lists.shmoo.com
[mailto:osiris-bounces+jolly=ajollylife.com at lists.shmoo.com] On Behalf
Of Dave Vasil
Sent: Thursday, March 01, 2007 2:37 PM
To: Osiris Users
Subject: [osiris] Re: Multiple scan configs for a single host
Jolly wrote:
> Does anyone have a suggestion for having multiple scan configs for a
> single host - without running multiple agents on a host?
>
> I'm interested in checking mod_users, mod_groups, mod_ports, &
mod_kmods
> every 5 minutes, and then doing a limited file system scan (without
> hashing) every 30 minutes.
>
> (The high scanning frequency is because this deployment of Osiris will
> be used in the upcoming Midwest Regional Collegiate Cyber Defense
> Competition)
> I deployed Osiris at the state competition, but would have liked to
scan
> for user/port changes more frequently than doing a full system scan.
You may be able to do this by adding two hosts with different names but
the same ip address and configuring the first one to scan every 5
minutes with a minimal config, and the second scanning every 30 minutes
with the full config.
There is no way to define multiple scanning schedules for a single host
within osiris.
-dave
_______________________________________________
osiris mailing list
osiris at lists.shmoo.com
https://lists.shmoo.com/mailman/listinfo/osiris
More information about the osiris
mailing list