Hi All, just wondering whether there would be a way to have separate alert.log files generated by source IP (or even by agent name)? For instance, all inputs from 192.168.1.0/24 go in alert1.log, all inputs from 192.168.2.0/24 go alert2.log, etc..
Not sure whether the topic has already been covered in the past (at least, under this perspective), but that would definitely be a great to have. Thanks in advance for any input on this! S. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
