You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm testing Ossec as our IDPS solution, I chose the one-server-multiple-agents configuration as the agents will be installed on instances within an autoscaling group, I've managed to make everything work however the slack integration doesn't seem to work on the agents:
These are the configurations I've tried with little success
This do not work at all, and the same with <agent_id>
The closest I got were empty alerts on slack sent from the agent ossec-slack.sh script, but for my understanding it doesn't make sense as the alert should be sent from the server and not from the agent itself
The text was updated successfully, but these errors were encountered:
I'm testing Ossec as our IDPS solution, I chose the one-server-multiple-agents configuration as the agents will be installed on instances within an autoscaling group, I've managed to make everything work however the slack integration doesn't seem to work on the agents:
These are the configurations I've tried with little success
with this on the server I'll get the alerts for server related logs only, and adding this directly to agent will trigger empty alerts on slack.
This do not work at all, and the same with <agent_id>
The closest I got were empty alerts on slack sent from the agent ossec-slack.sh script, but for my understanding it doesn't make sense as the alert should be sent from the server and not from the agent itself
The text was updated successfully, but these errors were encountered: