Dear all

When i configure the tripwire... twpol.txt is not updating with the emailto option. i checked the seveiority level also.. i can get the testmail through tripwire...


i am facing the problem like as follows



[root@station mail]# mail
Mail version 8.1 6/6/93. Type ? for help.
"/var/spool/mail/root": 5 messages 5 unread
>U 1 root@localhost.local Thu Aug 11 10:30 45/1795 "LogWatch for station"
U 2 root@localhost.local Thu Aug 11 10:30 86/3151 "LogWatch for station"
U 3 root@localhost.local Thu Aug 11 14:52 18/681 "hai"
U 4 root@localhost.local Thu Aug 11 15:12 18/670 "hai"
U 5 tripwire@localhost.l Thu Aug 11 15:22 20/852 "Test email message from Tripwire"
& q
Held 5 messages in /var/spool/mail/root

[root@station mail]# cd /etc/tripwire/

[root@station tripwire]# ls
site.key tw.cfg twcfg.txt tw.pol twpol.txt
station-local.key tw.cfg.11031.bak twinstall.sh tw.pol.bak

[root@station tripwire]# vi twpol.txt

[root@station tripwire]# twadmin --create-polfile -S site.key /etc/tripwire/twpol.txt
### Error: Severity value outside of allowable limits.
### 80emailto: Line number 558
### Exiting...
The policy file was not altered.
[root@station tripwire]# vi twpol.txt


If i remove the severity level in that rule, polocy file has updated. But tripwire is not send the mails to account

Kindly help me

"Everything is possible"

It looks like you are missing a newline between the 80 and the emailto.

I have to put "," for next line right, Done

(
rulename = "Operating System Utilities",
severity = 80,
emailto = root@station
)

It is working fine... Thanks

No problem. Glad you got it working.