On Wednesday 19 October 2011 12:50:57 pm Dimitri Yioulos wrote: > All, > > It's a bit embarrassing that I can't figure out how to stop > this particular alert, but I don't know how. Here's the > situation: > > I have Sophos anti-virus installed on some of my Linux boxes. > I keep getting Ossec alerts like the following: > > 2011 Oct 19 11:21:59 Rule Id: 1002 level: 2 > Location: (plymouth) 192.168.1.2->/var/log/messages > Unknown problem somewhere in the system. > Oct 19 11:21:59 plymouth savd: savscan.log: On-demand scan > details: master boot records scanned: 0, boot records scanned: > 0, files scanned: 3, scan errors: 0, viruses detected: 0, > infected files detected: 0 > > Obviously, I don't want this event to alert. What do I have to > do in Ossec to prevent this specific alert? > > Many thanks. > > Dimitri
I'm such a knob! Sorry for the noise. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
