[osiris] How do I find a Log entry?
Reiner Kief
office at kief-online.de
Wed Jan 16 05:58:40 EST 2008
Good morning.
Well, I am not satisfied with my research. The detected changes do
not appear in the syslogs, even when osiris has found a change. For
instance, the syslog only tells me something like this:
2008-01-16 11:07:06 User.Notice 127.0.0.1 Jan 16 11:07:06 svazdg006 MSWinEventLog<009>1<009>Application<009>13900<009>Wed Jan 16 11:07:04 2008<009>0<009>osirismd<009>Unknown User<009>N/A<009>Information<009>SVAZDG006<009>None<009><009>Der Vorgang wurde erfolgreich beendet. <009>12709
even though the osiris log found this:
[Attachment scrubbed by the list archive: Bild 1.png, image/png, 1885 bytes, http://lists.shmoo.com/pipermail/osiris/attachments/20080116/25f32309/attachment.png]
In case the above screenshot doesn't come through:
[203][svazdg006][new][c:\windows\osiris\osiris_test.txt]
What is the reason for this? I have to see the changes in certain
directories.
For your further information:
We are working for a payment service provider to get PCI compliance.
The syslogs of all servers (Mac and Win) are sent to a Syslog-server
(Kiwi). Kiwi scans the syslogs and sends emails to some admins in
certain cases (wrong logins etc.). We want Osiris to send the
detected changes to the syslog which is then scanned by Kiwi. We
would like to have Kiwi as the central watch-point. We don't want to
set up another email service besides that. Is that possible?
Thank you.
On 15.01.2008 at 20:56, Reiner Kief wrote:
> I started another test today on different servers, so let's see what
> the logs show tomorrow.
Reiner Kief
Software developer and IT-Consultant
Weinbergstrasse 45
63853 Moemlingen
Germany
office at kief-online.de
phone +49 6022 681631
mobile +49 160 7326056
VAT-ID: DE250520381
Member of www.die4DWerkstatt.de
http://www.linkedin.com/in/reinerkief
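
Added example (not part of the original message, and not Osiris or Kiwi code): a Python parser for the two line formats quoted in the message, showing what a central alert filter can and cannot match on in each. The field names are assumptions assigned by position, and the third sample line is constructed.

```python
import re

# Two lines copied from the message above (mail wraps rejoined).
SYSLOG_LINE = (
    "2008-01-16 11:07:06 User.Notice 127.0.0.1 Jan 16 11:07:06 svazdg006 "
    "MSWinEventLog<009>1<009>Application<009>13900<009>Wed Jan 16 11:07:04 2008"
    "<009>0<009>osirismd<009>Unknown User<009>N/A<009>Information<009>SVAZDG006"
    "<009>None<009><009>Der Vorgang wurde erfolgreich beendet. <009>12709")
OSIRIS_LINE = r"[203][svazdg006][new][c:\windows\osiris\osiris_test.txt]"
# Constructed: the same event if its message text carried the change record.
WANTED_LINE = SYSLOG_LINE.replace("Der Vorgang wurde erfolgreich beendet. ", OSIRIS_LINE)

# Assumed names, assigned by position; the message does not name the fields.
EVENT_FIELDS = ("tag", "level", "log", "counter", "time", "event_id", "source",
                "user", "sid_type", "type", "computer", "category", "data",
                "message", "seq")
# [code][host][kind][path]; the path group is greedy so it may contain ']'.
CHANGE_RE = re.compile(r"\[(\d+)\]\[([^\]]+)\]\[([^\]]+)\]\[(.+)\]$")

def parse_event(line):
    """Split a forwarded event on the literal <009> (tab) markers."""
    start = line.find("MSWinEventLog")
    if start < 0:
        return None
    parts = [p.strip() for p in line[start:].split("<009>")]
    if len(parts) != len(EVENT_FIELDS):
        return None
    return dict(zip(EVENT_FIELDS, parts))

def parse_change(text):
    """Return (code, host, kind, path) when text ends with a change record."""
    m = CHANGE_RE.search(text.strip())
    return m.groups() if m else None

def classify(line):
    """Label a line by what an alert rule could match in it."""
    event = parse_event(line)
    change = parse_change(event["message"] if event else line)
    if change:
        return ("change", change)
    if event and event["source"] == "osirismd":
        return ("osiris-event-without-change", event["message"])
    return ("other", None)

if __name__ == "__main__":
    for sample in (SYSLOG_LINE, OSIRIS_LINE, WANTED_LINE):
        print(classify(sample))
```

On the quoted syslog line the message field holds only the status text, so a rule keyed on the path or on `[new]` has nothing to match there.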