I have started to use ossec on a new server and suddenly today I could not log into it via ssh. I am not too sure what exactly have happened the last messages I got from my email is this
OSSEC HIDS Notification. 2014 Jan 26 04:05:19 Received From: pro1->/var/log/maillog Rule: 11 fired (level 4) -> "Excessive number of events (above normal)." Portion of the log(s): The average number of logs between 4:00 and 5:00 is 147. We reached 398. --END OF NOTIFICATION. Could it be due to this abnormality? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
