hello can who help me! I want to write local.rules for when someone login the server ossec will mail to me,but no any respose or email to me.
i am trying study and write myself rules, please help me
thank you
local.rules like
<rule id="100001" level="7">
<if_group>authentication_success</if_group>
<match>Accepted password</match>
<options>alert_by_email</options>
<description>login begin by someone </description>
</rule>
