Hello, I have a question.
Is it possible to send ossec group/s when I use syslog_output?
For example, in the file alert.log I have this log:
** Alert 1462920563.18241: - syslog,access_control,authentication_failed,
2016 May 10 15:49:23 localhost->/var/log/secure
Rule: 2501 (level 5) -> 'User authentication failure.'
May 10 15:49:23 localhost pam: gdm-password: pam_unix(gdm-password:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost=
user=user
I want to have information about groups in Kibana, for searches:
"syslog,access_control,authentication_failed"
Is it possible?
Thanks!