--- etc/ossec-agent.conf 2006-05-06 09:40:18.000000000 -0400 +++ etc/ossec-agent.conf.new 2007-06-15 11:59:48.000000000 -0400 @@ -2,7 +2,7 @@ <ossec_config> <client> - <server-ip>192.168.10.100</server-ip> + <server-ip>127.0.0.1</server-ip> </client> <syscheck> @@ -15,11 +15,15 @@ <!-- Files/directories to ignore --> <ignore>/etc/mtab</ignore> + <ignore>/etc/mnttab</ignore> <ignore>/etc/hosts.deny</ignore> <ignore>/etc/mail/statistics</ignore> <ignore>/etc/random-seed</ignore> <ignore>/etc/adjtime</ignore> <ignore>/etc/httpd/logs</ignore> + <ignore>/etc/utmpx</ignore> + <ignore>/etc/wtmpx</ignore> + <ignore>/etc/cups/certs</ignore> </syscheck> <rootcheck> @@ -34,31 +38,22 @@ <localfile> <log_format>syslog</log_format> - <location>/var/log/authlog</location> - </localfile> - - <localfile> - <log_format>syslog</log_format> <location>/var/log/secure</location> </localfile> <localfile> <log_format>syslog</log_format> - <location>/var/log/xferlog</location> - </localfile> - - <localfile> - <log_format>syslog</log_format> <location>/var/log/maillog</location> </localfile> <localfile> <log_format>apache</log_format> - <location>/var/www/logs/access_log</location> + <location>/var/log/httpd/error_log</location> </localfile> <localfile> <log_format>apache</log_format> - <location>/var/www/logs/error_log</location> + <location>/var/log/httpd/access_log</location> </localfile> + </ossec_config>