After going through a security audit with my current employer something came up that I cannot figure out how to solve. No one online seems to have ran into this. The auditor wants us to log and alert access to the /var/ossec/logs folder. I can do this, but every alert creates a log change thus creates another alert and log change, etc, etc, etc. Has anyone ever had to do this and cold help me?
-- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
