Check Owner option doesn't works in windows agent #1425
Comments
|
msdn stat() function: "st_uid - Numeric identifier of user who owns file (UNIX-specific). This field will always be zero on Windows systems." |
|
Maybe something from here can be adapted. |
|
Yes, that's exactly what should be and will be done |
|
Pull request #1428 has been merged. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Deploy HIDS agent on Windows
Add real-time monitoring for C:\Test directory in agent ossec.conf
C:\Test
Create 1.txt file in C:\Test folder
/etc/init.d/ossec restart
Check that C:\Test directory is being monitored in real time by ossec agent and wait until real-time file monitoring starts by writing something into 1.txt and checking tail of ossec.log
Change the file owner of the 1.txt thru File Properties dialog and check ossec.log
Actual Behavior: No log events appears in ossec.log
Expected Behavior: ossec.log should contain data about owner change detection and event should be sent to server
The text was updated successfully, but these errors were encountered: