Re: [ossec-list] ossec-maild tags
On Thu, Mar 13, 2014 at 3:01 AM, Gaurav Rajput gx1...@gmail.com wrote: Hi, I have 3 different infrastructures (Development, Production and Testing), running the same configuration (with same ip-address and subnet) and nodes. I have 3 ossec-servers running. Each ossec-server is sending the mails to a central gmail account. All I want is, to categorize the mails from each infrastructure. In other words I want to tag the emails with Dev, Prod or Test. Is there any way to do this, as I searched a lot in the configuration file ??? I think your best bet is to have them sent from different email addresses. Thanks. -- --- You received this message because you are subscribed to the Google Groups ossec-list group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups ossec-list group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ossec-list] ossec-maild tags
Or you could change this file: https://github.com/ossec/ossec-hids/blob/master/src/os_maild/sendmail.c on each server and add something to SUBJECT so you can filter that out on gmail. I always have to change this file as my local mailserver is very strict about the HELOMSG and I have to change it to the servername. Regards Christian Am 14.03.2014 13:09, schrieb dan (ddp): On Thu, Mar 13, 2014 at 3:01 AM, Gaurav Rajput gx1...@gmail.com wrote: Hi, I have 3 different infrastructures (Development, Production and Testing), running the same configuration (with same ip-address and subnet) and nodes. I have 3 ossec-servers running. Each ossec-server is sending the mails to a central gmail account. All I want is, to categorize the mails from each infrastructure. In other words I want to tag the emails with Dev, Prod or Test. Is there any way to do this, as I searched a lot in the configuration file ??? I think your best bet is to have them sent from different email addresses. Thanks. -- --- You received this message because you are subscribed to the Google Groups ossec-list group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups ossec-list group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ossec-list] ossec-maild tags
Hi, We had a similar requirement here. I just added an additional option to the ossec.conf that get's added into the mail headers (X-IDS-OSSEC: $value) to be able to use that to sort the emails from the different masters. I currently don't have a patch file with only that change (for stupid reasons all our changes are currently lumped into one big patch file), but If you can wait until next week I'm planning on having a look at git and forks and all that fun. So I should, at the very least, have a patch file or fork with that feature singled out. Ryan On 3/13/2014 2:01 AM, Gaurav Rajput wrote: Hi, I have 3 different infrastructures (Development, Production and Testing), running the same configuration (with same ip-address and subnet) and nodes. I have 3 ossec-servers running. Each ossec-server is sending the mails to a central gmail account. All I want is, to categorize the mails from each infrastructure. In other words I want to tag the emails with Dev, Prod or Test. Is there any way to do this, as I searched a lot in the configuration file ??? Thanks. -- --- You received this message because you are subscribed to the Google Groups ossec-list group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com mailto:ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. smime.p7s Description: S/MIME Cryptographic Signature
[ossec-list] ossec-maild tags
Hi, I have 3 different infrastructures (Development, Production and Testing), running the same configuration (with same ip-address and subnet) and nodes. I have 3 ossec-servers running. Each ossec-server is sending the mails to a central gmail account. All I want is, to categorize the mails from each infrastructure. In other words I want to tag the emails with Dev, Prod or Test. Is there any way to do this, as I searched a lot in the configuration file ??? Thanks. -- --- You received this message because you are subscribed to the Google Groups ossec-list group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
