tag:blogger.com,1999:blog-7652481.post6777771618290011673..comments2011-05-19T20:01:46.723-04:00Comments on Infosec Potpourri: Switching to Sguil: A whole new meaningDavid Biancohttp://www.blogger.com/profile/09760835714791462863noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-7652481.post-77807268881369054692011-05-19T20:01:46.723-04:002011-05-19T20:01:46.723-04:00Hi,
I have installed sguil and have an installatio...Hi,<br />I have installed sguil and have an installation of ossec. I'm trying the ossec_agent.tcl in order to see ossec alerts on sguil, but I'm getting an error message. Can you give me a clue?<br />--------------------------<br />wrong # args: should be "regsub ?switches? exp string subSpec varName"<br /> while executing<br />"regsub {(?x)<br /> ^::ffff:<br /> } $retVal """<br /> (procedure "ResolveHostname" line 16)<br /> invoked from within<br />"ResolveHostname $agent"<br /> (procedure "ProcessData" line 112)<br /> invoked from within<br />"ProcessData $line"<br /> (procedure "ReadFile" line 13)<br /> invoked from within<br />"ReadFile $fileID"<br /> (procedure "InitAgent" line 43)<br /> invoked from within<br />"InitAgent"<br /> (file "./ossec_agent.tcl" line 684)<br />-----------------------<br />many thanks and keep the good work!Oscarhttp://www.blogger.com/profile/07119001974118064457noreply@blogger.com