it could be possible to write a script to do exports to plain text from the db to ossec, index the files in ossec them remove then on a crontab or some other scheduler... at least this is what i woudl try.
On Tue, Jul 19, 2011 at 8:33 AM, dan (ddp) <ddp...@gmail.com> wrote: > There's no real support for this. OSSEC is designed to work with plain > text logfiles and windows event logs. > > On Tue, Jul 19, 2011 at 3:03 AM, Tobias Dinse <tobi...@googlemail.com> wrote: >> Hi all, >> >> I m actually testing OSSEC on our virtual test maschine. I have a running >> rsyslog (Logs stored in Postgresql DB) with Logfiles from other Servers, >> too. >> >> Is it possible to configure ossec to check the Log entrys from the >> psql-Database? >> >> >> Thanks in advance >> >> Tobias >> > -- Gallia est omnes divisa in partes tres. LIT(All Gaul is divided into three parts) Divide a problem into parts, understand each on its own terms, and plan your campaign Julius Caesar . GoogleVoice (614) 489-9522
