Thanks! On Monday, February 22, 2016 at 10:27:21 AM UTC-5, dan (ddpbsd) wrote: > > > On Feb 22, 2016 10:22 AM, "thak" <tha.k...@gmail.com <javascript:>> wrote: > > > > What's the best way to get a list of the rules, ideally by rule # and > short descriptive name (e.g., like the alerts..."Rule: 5403 fired (level 4) > -> "First time user executed sudo."). I need a list to update some security > and compliance documentation prior to an upcoming audit. > > > > All of the rules are available in the /var/ossec/rules directory. I don't > think it would be too difficult to write a script to grab the names and ids. > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to ossec-list+...@googlegroups.com <javascript:>. > > For more options, visit https://groups.google.com/d/optout. >
-- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.