I tried to overwrite the predefined external storage detection code by
including the following in local_rules.xml
<rule id="532" level="0" overwrite="yes" >
<if_sid>531</if_sid>
<match>cdrom|/media|usb|/mount|floppy|dvd</match>
<description>Detected external medias.</description>
</rule>
But its not detecting usb storage..
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
