OSSEC analysisd: Testing rules failed. Configuration error. Exiting.

When you start Ossec version 2.6 there is this message:


OSSEC analysisd: Testing rules failed. Configuration error. Exiting.
Started ossec-csyslogd...
2012/07/01 21:13:22 ossec-maild: INFO: E-Mail notification disabled. Clean Exit.

This is because in /var/ossec/bin/ossec-control the path of ossec-logtest is wrong.

The location of ossec-logtest is /var/ossec/ossec-logtest which is wrong, ossec-logtest is in /var/ossec/bin/ directory, either you change the ossec-control source code to echo | ${DIR}/bin/ossec-logtest > /dev/null 2>&1; or use a symbolic link ln -s /var/ossec/bin/ossec-logtest /var/ossec/ossec-logtest

Advertisements
This entry was posted in IDS/IPS, Security and tagged , . Bookmark the permalink.

2 Responses to OSSEC analysisd: Testing rules failed. Configuration error. Exiting.

  1. Thank you very much. It will definitely help in exams.

  2. gouse says:

    again its showing the same problem…wt to do tell me please.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s