[osiris] Setting up syslog

Joseph A. Kocan JKocan at neweve.net
Fri Jan 18 01:12:41 EST 2008


I have had some issues setting up Osiris using Windows as the management server and events. I was having all sorts of trouble getting events to correctly be sent to the Kiwi Syslog server. I ended up having to create a custom .dll file for Osiris so it would properly report events in Windows and then get sent to the syslog server.

Here is the scenario:

- Windows log server running Kiwi Syslog.
- Osiris management server running Windows.
- A bunch of Windows servers (SQL, IIS, etc.) running Snare.

I had so much trouble I documented it in detail so others could repeat it.


You can get them here:

http://www.neweve.net/support/Kiwi-Syslog-Configuraiton-Standard.pdf

http://www.neweve.net/support/Osiris-Configuration-Standard.pdf

Joe

-----Original Message-----
From: osiris-bounces at lists.shmoo.com [mailto:osiris-bounces at lists.shmoo.com] On Behalf Of Apneet Jolly
Sent: Thursday, January 17, 2008 9:11 PM
To: Osiris Users
Subject: Re: [osiris] Setting up syslog

Keep in mind that on Windows, not all Osiris events and logs are sent to the Windows event log.

You will need to either enable e-mail alerts, read the logs from the Osiris directory, or use a Linux server host.

Apneet Jolly

-----Original Message-----
From: Reiner Kief <office at kief-online.de>
Sent: Thursday, January 17, 2008 2:09 PM
To: Osiris Users <osiris at lists.shmoo.com>
Subject: [osiris]  Setting up syslog


Hi Gary.

Have you found a solution for your problem?
We are also working to become PCI compliant and have the same
problems as you had. We don't get the changes of the agents reported
into the syslogs of the management host, only the status reports of
Osiris (scan started etc.). We also tried to send emails, but they
don't come through, even the test mails.

I'd appreciate any help or hint.

Reiner Kief
Software developer and IT-Consultant
Weinbergstrasse 45
63853 Moemlingen
Germany

office at kief-online.de
phone   +49 6022 681631
mobile  +49 160 7326056

VAT-ID: DE250520381

Member of www.die4DWerkstatt.de

http://www.linkedin.com/in/reinerkief


_______________________________________________
osiris mailing list
osiris at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/osiris

