Hello List
Is it possible to define an agent to load only specific rules file ,
for instance i need to monitor a machine for only it's SSH activity ,
and i do not need all the other check .
Or is there a way to have a rule that will block all alerts for a
machine except for SSH alerts and those to flag in priority X ?
Thanks
--
Assaf Flatto
Linux System Administrator
No.9 | 6 Portal Way | London | W3 6RU |
T: +44 (0)20 8896 8405 | M: +44 (0)75 3568 1067
-----------------------------------------------------------------------------------------------------------------------------------------
LOVEFiLM UK Limited is a company registered in England and Wales.
Registered Number: 06528297.
Registered Office: No.9, 6 Portal Way, London W3 6RU, United Kingdom.
This e-mail is confidential to the ordinary user of the e-mail address to which it was addressed. If you have received it in error,
please delete it from your system and notify the sender immediately.
This email message has been delivered safely and archived online by Mimecast.
For more information please visit http://www.mimecast.co.uk
-----------------------------------------------------------------------------------------------------------------------------------------
To unsubscribe from this group, send email to ossec-list+unsubscribegooglegroups.com or
reply to this email with the words "REMOVE ME" as the subject.
