I have recently installed OSSIM 5.6.5 on a Virtual platform.
After installation following is the issue I am facing :
- The agents which are in sync with the OSSIM server using OSSEC agent are staying active for 48 hours approx and then going in an offline state.
- The agents when are in an active state do not send logs to the OSSIM Server.
- The few logs that are getting captured are showing IP Address as 0.0.0.0 in source and destination.
Need to fix this on an urgent basis.