How is this related to this thread? Why did you post this same message
multiple times?

On Tue, Aug 21, 2012 at 7:12 AM, Kholidy <hisham.doc...@gmail.com> wrote:
> What about the evaluation using a specific attacks. Are there any rules
> available online for some kind of attacks like DOS or SQL injection. Is
> there any one has evualuated OSSEC against some attacks and get alerts that
> explain that there is an attack detected. Right now, we get only alerts
> with level numbers without any information about attack name or type.
>
>
> On Saturday, April 14, 2012 11:01:18 AM UTC-7, dan (ddpbsd) wrote:
>>
>> Syslog severity plays no role in OSSEC.
>>
>> On Apr 14, 2012 1:58 PM, "ignasr" <ign...@vault13.lt> wrote:
>>>
>>> Hello all,
>>>
>>> what should I do if I want OSSEC to send email notifications on
>>> severity err and higher of messages, read from a syslog <localfile>?
>>> Syslog events from several servers are written to that file.
>>>
>>> It seams there is no simple way of doing that, because message
>>> severity is not saved to a syslog file.
>>>
>>> Thank you,
>>> IgnasR
>>>
>>> p.s. sorry for a double post. My previous post can be deleted.

Reply via email to